# 1.6 Explain the threats and vulnerabilities associated with operating in the cloud

Cloud service models:

* SaaS: customer only chooses application; hardware managed by provider; access control
* PaaS: configurable hardware + software/development tools; data protection
* IaaS: configurable hardware; VM management (VM escape; virtual host patching; virtual guest issues [patching]; virtual network issues)
* Cloud deployment models:
  * Public: public cloud provider sells services to consumers
  * Private: internal enterprise service to internal customers
  * Community: several companies work on same platform
  * Hybrid: mix of on-premises, private cloud & public cloud
* FaaS/serverless architecture: apps are hosted by 3rd party; all server software/hardware management is done by the provider
* IaC (Infrastructure as Code): managing/provisioning data centres using machine-readable files
* Insecure API: Internet-exposed management APIs can have software vulnerabilities (e.g. anonymous access; plaintext authentication; improper authorisations)
* Improper key management: unencrypted; Internet-exposed key server; weak/reused key
* Unprotected storage: insider threats; malicious file entry; impersonation; worm that is auto-synced to the cloud and then spreads from the cloud to other users
* Logging and monitoring:
  * Insufficient logging and monitoring: late detection; undetected password spraying; ignored alerts; unidentified suspicious activity
  * Inability to access: access logs provide info about failed requests made to cloud
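
The logging bullets above mention undetected password spraying and access logs of failed requests. The following is an added example, not part of the original notes, showing how such logs can surface a spray: one source failing against many distinct accounts in a short window. The log format, thresholds and function names are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log: "timestamp source_ip user result" (format is an assumption).
SAMPLE_LOG = """\
2024-05-01T09:00:01Z 203.0.113.7 alice FAIL
2024-05-01T09:00:40Z 203.0.113.7 bob FAIL
2024-05-01T09:01:15Z 203.0.113.7 carol FAIL
2024-05-01T09:02:03Z 203.0.113.7 dave FAIL
2024-05-01T09:02:50Z 203.0.113.7 erin FAIL
2024-05-01T09:03:10Z 198.51.100.20 alice FAIL
2024-05-01T09:03:12Z 198.51.100.20 alice FAIL
2024-05-01T09:03:14Z 198.51.100.20 alice FAIL
2024-05-01T09:03:16Z 198.51.100.20 alice FAIL
2024-05-01T09:04:00Z 192.0.2.15 bob FAIL
2024-05-01T09:04:20Z 192.0.2.15 bob OK
"""

def detect_spray(lines, window_minutes=10, min_users=5):
    """Return {source_ip: [users]} for sources whose failed logins hit at
    least min_users distinct accounts inside one sliding time window."""
    window = timedelta(minutes=window_minutes)
    fails = defaultdict(list)
    for line in lines:
        parts = line.split()
        if len(parts) != 4 or parts[3] != "FAIL":
            continue  # skip blank/malformed lines and successful logins
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
        fails[parts[1]].append((ts, parts[2]))

    findings = {}
    for ip, events in fails.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Shrink the window from the left until it spans <= window.
            while events[end][0] - events[start][0] > window:
                start += 1
            users = {user for _, user in events[start:end + 1]}
            if len(users) >= min_users:
                findings[ip] = sorted(users)
                break
    return findings

if __name__ == "__main__":
    for ip, users in detect_spray(SAMPLE_LOG.splitlines()).items():
        print(f"possible password spraying from {ip}: {len(users)} accounts {users}")
```

Repeated failures against a single account (198.51.100.20) and a one-off mistyped password (192.0.2.15) are not flagged, because the signal here is the number of distinct accounts per source, not the raw failure count.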
