IT Security Portfolio

  • Portability and interoperability of services and data

  • Design for multi-tenancy

  • Identity extension and federation over public and hybrid clouds

  • Security GRC cloud specific

  • Protect data and applications through isolation and integrity

  • Image sprawl and patching, risk propagation by cloning

  • Traffic inspection within or across virtual network (not only physical)

  • Workload inspection and logging

  • Application security testing over the provider solution stack

  • DevOps without attention to security can counterproductively facilitate introduction of vulnerabilities at both static and runtime stages