ABSTRACT
This chapter provides insight into vulnerability management where cloud computing resources are concerned. There are considerable benefits to an agile technology environment that can respond to business needs in days, hours, and even minutes rather than weeks and months. These capabilities can yield competitive and cost advantages. To achieve these benefits, cloud service providers manage computing resources for numerous customers at lower cost and with faster provisioning. Generally following the Open Systems Interconnection model, a cloud service is provided at one or more of these levels: Physical, Data Link, Network, Transport, Session, Presentation, and Application. All such cloud services can be grouped into: Data Center, Infrastructure as a Service, Platform as a Service, and Software as a Service. The chapter focuses on a narrow segment of risk management that deals with technical and procedural aspects of assessing vulnerabilities. Physical data centers are the lowest level of service that has major capital and operational challenges in the hierarchy of services.
