In today’s digital landscape, cloud security services have become a critical component for organizations leveraging cloud computing. Alibaba Cloud, a leading provider of cloud infrastructure, offers a comprehensive suite of advanced security solutions to protect users’ data, applications, and infrastructure. These services address the evolving cybersecurity challenges faced by businesses operating in the cloud, including threat detection, data encryption, and compliance management.
Alibaba Cloud Security provides a multi-layered approach to safeguarding digital assets. Users can benefit from network security solutions like Web Application Firewall (WAF) and DDoS mitigation to defend against cyberattacks. Data protection and encryption services ensure sensitive information stays secure, while identity and access management tools control user permissions. The platform also offers threat detection and response capabilities, helping organizations identify and mitigate potential security risks. Additionally, Alibaba Cloud’s compliance and governance features assist users in meeting regulatory requirements and maintaining a strong security posture.
Overview of Alibaba Cloud Security
Alibaba Cloud, the cloud computing arm of the Alibaba Group, offers a comprehensive suite of security services designed to protect businesses and individuals from online threats. These services cover various aspects of cybersecurity, including network security, data security, application security, and access control [1].
Key Security Challenges
As organizations increasingly adopt cloud-based solutions, they face two main data security challenges:
- Meeting business demands: Migrating services to the cloud requires maintaining high availability and effectively managing data assets across different regions, platforms, and products, even when stored in separate data warehouses.
- Identifying sensitive data: With massive and disparate datasets, organizations must swiftly and accurately identify sensitive data to implement appropriate safeguards [2].
These challenges are compounded by the fact that traditional data isolation techniques alone are no longer sufficient to protect corporate information in the cloud. A more flexible and advanced approach is now required [2].
Alibaba Cloud’s Security Approach
To address these challenges, Alibaba Cloud has implemented a multi-faceted approach to security:
- Comprehensive risk management: Alibaba Cloud has established a risk management framework to identify, analyze, and manage risks within the company and those related to services provided. This framework involves management and various teams, covering strategic and operational risks, such as security and availability [3].
- Access management: The company has implemented strict access management processes, including an access card system and fingerprint access control system for physical access. For logical access, role-based access controls (RBAC) and the principle of least privilege are applied [3].
- Secure communication: Alibaba Cloud supports secure communication channels with strong cryptographic protocols for data transmission. HTTPS is deployed in the Management Console and Open API gateway [3].
- Key management: The company offers Key Management Service (KMS) for customers, granting them full control over key management and the ability to use KMS-generated keys to encrypt/decrypt data on the Alibaba Cloud platform [3].
- Change control and configuration management: Alibaba Cloud has established policies for change control and configuration management, utilizing a change control system to initiate and approve change requests [3].
- Business continuity: The company has established business continuity plans, performing business impact analysis, risk assessment, and conducting annual business continuity drills [3].
- Security event management: Alibaba Cloud has implemented a security event management platform for reporting, status updates, and notifications [3].
Core Security Services
Alibaba Cloud provides several core security services to help users protect their data and applications:
- Data Security Center (DSC): This service helps organizations meet compliance requirements for protecting personal information and undergoing security audits in cloud computing. It leverages big data technologies, machine learning capabilities, and intelligent algorithms to detect and monitor sensitive data, identify high-risk activities, and alert users about potential data leaks [2].
- Encryption and data protection: The DSC offers a closed-loop solution covering the entire data lifecycle, from identification to desensitization. It provides various techniques such as encryption, masking, hashing, data decryption, replacement, transformation, and shuffling to protect sensitive data [2].
- Web Application Firewall (WAF): This technology acts as a defense mechanism against attacks targeting vulnerabilities in web applications. By monitoring and filtering HTTP and HTTPS requests, the WAF can identify and block malicious traffic [1].
- DDoS protection: Alibaba Cloud offers advanced Distributed Denial of Service (DDoS) protection to safeguard businesses from potential attacks. The system is equipped with multiple layers of defense mechanisms, including traffic analysis, rate limiting, and anomaly detection [1].
- Resource Access Management (RAM): This service allows users to establish granular access controls and define custom policies that restrict data visibility to only authorized individuals, minimizing potential damage from unauthorized access [2].
By leveraging these core security services and adhering to its comprehensive security approach, Alibaba Cloud aims to provide robust protection for its users’ data and applications in the ever-evolving landscape of cloud computing and cybersecurity.
Network Security Solutions
Alibaba Cloud offers a comprehensive suite of network security solutions to protect users’ cloud infrastructure and applications from various cyber threats. These solutions include Cloud Firewall, Anti-DDoS Protection, and Web Application Firewall (WAF), each designed to address specific security challenges in the cloud environment.
Cloud Firewall
Cloud Firewall is the industry’s first firewall as a service (FWaaS) solution targeted for public clouds [4]. It provides centralized management of north-south and east-west traffic, offering real-time traffic monitoring, precise access control, and intrusion prevention [4]. This service is crucial for ensuring network security for businesses migrated to Alibaba Cloud [4].
The Cloud Firewall consists of two main control modules:
- North-south traffic control module: This module manages access traffic from the Internet to ECS instances, controlling traffic through layers 4 to 7 [4].
- East-west traffic control module: This component controls access traffic between ECS instances through security groups, operating at layer 4 [4].
Cloud Firewall offers advanced protection against various network threats, including DDoS attacks, web application attacks, and unauthorized access [5]. Its features include traffic monitoring, intrusion detection, and intelligent threat analysis, providing a robust defense for cloud resources [5].
Anti-DDoS Protection
Alibaba Cloud’s Anti-DDoS solution is designed to safeguard online services from Distributed Denial of Service (DDoS) attacks, ensuring high availability and reliability [5]. The service can automatically detect and mitigate various types of DDoS attacks, such as SYN flood, UDP flood, and HTTP flood [5].
Anti-DDoS Basic, enabled by default, provides protection of up to 5 Gbit/s for Elastic Compute Service (ECS), Server Load Balancer (SLB), and Elastic IP Address (EIP) instances [6]. When the attack bandwidth exceeds the specified cleaning threshold, Anti-DDoS Basic starts cleaning attack traffic to maintain business continuity [6].
Key features of Anti-DDoS Protection include:
- Automatic black hole triggering: If the attack bandwidth exceeds the predefined threshold, traffic to the public IP address is routed to a black hole [6].
- Flexible cleaning thresholds: Users can configure cleaning thresholds slightly greater than the maximum bandwidth for actual incoming requests [6].
- Black hole duration management: The default black hole duration is 2.5 hours, but it may range from 30 minutes to 24 hours depending on the attack situation [6].
For enhanced protection, Alibaba Cloud recommends using Anti-DDoS Pro to improve protection capacity when facing large-scale attacks [6].
Web Application Firewall (WAF)
Web Application Firewall (WAF) is a dedicated firewall that filters, monitors, and blocks HTTP traffic to and from web applications [7]. It protects against common web attacks such as SQL injections, cross-site scripting (XSS), web shell, and Trojan attacks [7].
WAF offers several key features:
- Common vulnerabilities protection: Safeguards against SQL injection, XSS, command execution, and other vulnerabilities [7].
- HTTP flood mitigation: Effectively mitigates HTTP and HTTPS floods, preventing malicious spiders or bots from consuming website resources [7].
- Big data capabilities: Leverages Alibaba Cloud’s extensive experience in handling web attacks, maintaining a comprehensive malicious IP database [7].
- Quick setup: Can be activated within 5 minutes without hardware or software installation [7].
WAF’s advanced capabilities include:
- Parsing HTTP data in common formats, including header, form, multipart, JSON, and XML data [8].
- Decoding data using various methods such as URL encoding, JavaScript Unicode encoding, and Base64 encoding [8].
- Preprocessing data for more accurate detection by upper-layer engines [8].
- Implementing fine-grained access control using a combination of different HTTP fields [8].
By utilizing these network security solutions, Alibaba Cloud users can significantly enhance their defense against various cyber threats, ensuring the protection of their cloud-based assets and applications.
Data Protection and Encryption
In the realm of cloud computing, data protection and encryption play a crucial role in safeguarding sensitive information. Alibaba Cloud offers a comprehensive suite of services designed to ensure the security and privacy of user data throughout its lifecycle.
Key Management Service (KMS)
Alibaba Cloud’s Key Management Service (KMS) is a managed service that enables users to create and manage encryption keys (master keys) used to encrypt their data. This service provides users with complete control over who can access their master keys and encrypted data [9]. KMS implements envelope encryption, a process where users first create a master key, then use it to generate a data key, which in turn encrypts the application data [9]. This approach allows the encrypted data key to be deployed alongside the application it protects, while the plaintext master key remains securely stored within the KMS service [9].
KMS offers several key features:
- Integration with Resource Access Management (RAM) for fine-grained access control over keys
- Compatibility with CloudMonitor for auditing key usage
- Ability to encrypt and decrypt small amounts of data (less than 4 KB) using a Customer Master Key (CMK)
- Secure channels for data transmission
For large-scale data encryption, KMS allows users to create a CMK, generate a data key from it, and use this data key to encrypt and decrypt substantial amounts of data locally. This approach significantly reduces the cost of transmitting data through the network for encryption and decryption purposes [9].
Data Encryption Service
Alibaba Cloud provides robust data encryption services across various products, including Object Storage Service (OSS) and ApsaraDB RDS.
Object Storage Service (OSS) Encryption
OSS supports both client-side and server-side encryption methods:
- Client-side encryption: This method ensures that data is encrypted before being sent to the remote server, with the encryption key’s plaintext stored only on the local computer. This approach guarantees data security even in the event of a data leak, as others cannot decrypt the data without the key [10].
- Server-side encryption: When users upload data, OSS automatically encrypts it before storage. Upon download, OSS decrypts the data and returns the original content to the user, indicating in the HTTP response header that the data was encrypted on the server [10].
ApsaraDB RDS Encryption
ApsaraDB RDS offers two primary encryption features:
- Secure Sockets Layer (SSL): Available for MySQL and SQL Server, SSL allows users to verify the authenticity of the database service using the server root certificate provided by RDS. This effectively prevents man-in-the-middle attacks [10].
- Transparent Data Encryption (TDE): Offered for MySQL and SQL Server, TDE allows users to specify which databases or tables to encrypt. The data is encrypted before being written to any storage device or service, ensuring that all data files and backups are in ciphertext [10].
Sensitive Data Discovery and Protection
Alibaba Cloud’s Data Security Center (DSC) provides a comprehensive solution for sensitive data discovery and protection. This service is crucial for businesses handling various forms of sensitive data, including customer information, technical documents, and personal details [11].
Key features of DSC include:
- Data scanning: DSC scans various Alibaba Cloud services and self-managed databases to identify sensitive data based on predefined key fields [11].
- Data classification and grading: Using customizable detection rules and built-in algorithms, DSC classifies and grades data sensitivity [11].
- Access control: DSC offers fine-grained control over access to sensitive data [11].
- Data de-identification: Customizable de-identification algorithms ensure data authenticity while protecting sensitive information [11].
- Visibility: DSC provides insights into storage items containing sensitive data, visitors accessing data, and anomalous changes in data flows [11].
By leveraging these advanced data protection and encryption services, Alibaba Cloud users can significantly enhance their data security posture, ensuring compliance with various data privacy mandates such as PCI-DSS, GDPR, HIPAA, and CCPA [12].
Identity and Access Management
Alibaba Cloud offers a comprehensive suite of identity and access management solutions to help users secure their cloud resources and manage user identities effectively. These solutions include Resource Access Management (RAM), IDaaS (Identity as a Service), and Bastion Host, each designed to address specific security needs in the cloud environment.
Resource Access Management (RAM)
Resource Access Management (RAM) is a cloud service that enables users to securely manage access to their Alibaba Cloud resources [13]. It allows for the creation and management of multiple user identities under a single Alibaba Cloud account, as well as the allocation of different authorization policies to various identities or identity groups [13].
RAM supports two types of identities:
- RAM-User: A real identity with a fixed ID and an identity authentication access key, typically representing a person or an application [13].
- RAM-Role: A virtual identity with a fixed ID but no identity authentication access key. It must be associated with a real identity to become operational [13].
Key benefits of using RAM include:
- Centralized user identity management
- Fine-grained access control for cloud resources
- Enhanced security through the principle of least privilege
- Cost-effective resource management
By utilizing RAM, enterprises can avoid sharing their Alibaba Cloud account access keys with multiple users, thereby reducing security risks [13]. Instead, they can grant users the minimum permissions necessary to perform their tasks [13].
IDaaS (Identity as a Service)
IDaaS is a cloud-based identity and access management service that provides secure authentication, authorization, and user management capabilities [14]. It helps organizations manage user identities, access policies, and single sign-on (SSO) across both cloud and on-premises applications [14].
Key features of IDaaS include:
- Centralized identity management
- Multi-factor authentication (MFA)
- Single sign-on (SSO) for multiple applications
- User lifecycle management
- Advanced security policies and compliance controls
To implement IDaaS, users can follow these steps:
- Log in to the Alibaba Cloud management console and navigate to the Application Identity Service (IDaaS) [15].
- Create an instance and access the IDaaS management console [15].
- Add applications and configure SAML settings [15].
- Set up organizations, groups, and user accounts [15].
- Configure application authorization and account associations [15].
IDaaS streamlines identity management processes, enhances security, and improves user experience across various cloud and on-premises applications.
Bastion Host
A Bastion Host is a special-purpose computer designed to withstand attacks and serve as a secure gateway for accessing resources within a private network [14]. It acts as the sole point of access between the local network and external networks, such as the internet [14].
Alibaba Cloud’s Bastion Host service offers several key benefits:
- Centralized account management on a unified platform
- Prevention of non-compliant and malicious operations
- Real-time monitoring and termination of high-risk operations
- Fine-grained control policies for resource access
- Multi-factor authentication (MFA) using OTP tokens or SMS
- Implementation of the least privilege principle for diverse maintenance and operations roles [16]
Bastion Host is widely adopted in fintech and other financial industries for multi-asset management [16]. It provides a secure and efficient platform for accessing server resources through a centralized portal, ensuring robust security and fine-grained access control [16].
By leveraging these identity and access management solutions, Alibaba Cloud users can significantly enhance their security posture, ensure compliance with various regulations, and streamline their user management processes across their cloud infrastructure.
Threat Detection and Response
Alibaba Cloud offers a comprehensive suite of threat detection and response services to help users safeguard their cloud infrastructure and applications. These services include Security Center, Cloud Security Scanner, and Managed Security Service, each designed to address specific security challenges in the cloud environment.
Security Center
Security Center is a crucial component of Alibaba Cloud’s security offerings, providing round-the-clock security and protection for users’ cloud assets [17]. This service offers a range of features to enhance threat detection and response capabilities:
- Container Network Topology: This feature allows users to perform security-related operations on their assets, including clusters, containers, images, and applications, in a visualized manner [18]. It displays the network topology of containers, enabling more efficient management.
- Real-time Updates: Security Center automatically refreshes the network topology of running containers and security information about the current cluster at one-minute intervals [18]. This ensures that users have access to up-to-date network topology and security information.
- Multiple Perspectives: Users can view the network topology from different perspectives, such as the Internet Perspective or Cluster Perspective [18]. This flexibility allows for a comprehensive understanding of the network structure and potential vulnerabilities.
- Cluster Risk Assessment: Security Center provides detailed information about cluster risks, including security alerts, baseline risks, application vulnerabilities, image baseline vulnerabilities, vulnerability risks, image vulnerabilities (CVE), and image malicious files [18].
- Image Security: The service allows users to add image repositories to Security Center for enhanced protection [18]. This feature helps in managing and securing container images effectively.
Cloud Security Scanner
Alibaba Cloud Security Scanner (CSS) is an automated testing tool designed to detect web vulnerabilities, threats, and sensitive web content [19]. Key features of CSS include:
- Dynamic Crawling: CSS uses Web 2.0 dynamic crawlers to scan webpages and detect vulnerabilities using built-in detection plugins [19].
- Comprehensive Detection: The service helps identify threats, bugs, vulnerabilities, and sensitive content in websites, including images, videos, blogs, news, and other elements [19].
- Asset Analysis: CSS includes a data middle platform and asset analysis capabilities to schedule tasks, gather asset information, configure scan tasks, and recognize port and database information [19].
- Multiple Benefits: CSS offers risk verification assistance, security and compliance checks, asset management, resource utilization optimization, self-healing automation, and clear scan reports [19].
- High Accuracy: The service provides high detection accuracy through its advanced detection plugins and integrated technologies [19].
- User-Friendly: CSS is easy to use, requiring no installation. Users can simply purchase the service and start using it with their Alibaba Cloud account [19].
- Automatic Updates: The service automatically upgrades with assessments, risk analysis, and real-time updates, eliminating the need for manual upgrades [19].
Managed Security Service
Alibaba Cloud’s Managed Security Service (MSS) offers professional security management and protection for cloud resources [17]. This service provides several advantages:
- Expert Management: MSS offers round-the-clock security monitoring and protection, leveraging Alibaba Cloud’s expertise in cloud security [17].
- Customized Solutions: The service can be tailored to meet specific security requirements of different industries and business scenarios.
- Proactive Threat Mitigation: MSS helps in identifying and mitigating potential security risks before they can impact the business.
- Compliance Support: The service assists in maintaining compliance with various regulatory requirements, helping businesses meet industry standards and legal obligations [20].
- Cost-Effective: By outsourcing security management to Alibaba Cloud experts, businesses can reduce the need for in-house security personnel and infrastructure.
By leveraging these threat detection and response services, Alibaba Cloud users can significantly enhance their security posture, ensure continuous protection of their cloud assets, and respond effectively to emerging threats in the ever-evolving cybersecurity landscape.
Compliance and Governance
Alibaba Cloud is committed to providing reliable, secure, and compliant cloud computing products and services [21]. The platform offers a comprehensive range of tools and services to help users maintain security, compliance, and governance in their cloud environments.
ActionTrail
ActionTrail is a service that monitors and records operations performed on an Alibaba Cloud account [22]. It captures activities carried out through the Alibaba Cloud Management Console, APIs, and SDKs, recording them as events [22]. These events can be downloaded from the ActionTrail console or configured to be delivered to Log Service Logstores or Object Storage Service (OSS) buckets [22].
Key features of ActionTrail include:
- Compliance with MLPS requirements: ActionTrail helps users comply with Multi-Level Protection Scheme (MLPS) 2.0 regulations by recording account operations and storing them for at least 180 days [22].
- Security analysis: By recording account operations as events, ActionTrail enables users to identify potential security issues. Events can be delivered to Log Service Logstores for long-term storage and SQL-based analysis [22].
- Resource change tracking: ActionTrail allows users to locate the cause of anomalies in resource usage by providing detailed information about operations, including who performed them, when, and from which IP address [22].
- Compliance auditing: For organizations using Resource Access Management (RAM), ActionTrail records operations of all members, facilitating comprehensive compliance auditing [22].
Cloud Config
Cloud Config is a service that provides configuration tracing and compliance auditing [23] [24]. It helps users maintain an overview of their resource configurations and ensures compliance with organizational policies and industry standards.
Key features of Cloud Config include:
- Configuration tracking: Users can monitor and record changes to their cloud resource configurations over time.
- Compliance auditing: Cloud Config enables users to assess their resource configurations against predefined rules and best practices.
- Real-time alerts: The service can notify users of non-compliant configurations or unauthorized changes.
Compliance Reporting
Alibaba Cloud offers comprehensive compliance reporting capabilities to help users meet regulatory requirements and industry standards. The platform provides resources to assist customers in deploying secure and regulatory compliant cloud environments [21].
Key aspects of compliance reporting include:
- Certifications and attestations: Alibaba Cloud maintains a wide range of global certifications and attestation reports [21].
- Data protection commitment: The platform demonstrates a strong commitment to data protection, providing users with the necessary tools and information to maintain compliance [21].
- Frequently asked questions: Alibaba Cloud offers a repository of frequently asked questions about data security and privacy, helping users address common compliance concerns [21].
To further enhance governance capabilities, Alibaba Cloud provides the Cloud Governance Center (CGC), currently in beta. This service allows users to set up and manage an Alibaba Cloud multi-account environment in a one-stop mode [23] [24]. CGC streamlines the process of managing multiple accounts, ensuring consistent policy application and compliance across an organization’s cloud infrastructure.
By leveraging these compliance and governance tools, Alibaba Cloud users can maintain a secure, compliant, and well-managed cloud environment, aligning with industry standards and regulatory requirements while optimizing their cloud operations.
Advanced Security Features
Anti-Bot Service
Alibaba Cloud’s Anti-Bot Service is a sophisticated solution designed to protect websites from malicious bot activities while ensuring legitimate user access. This service adopts a subscription billing method, offering flexible payment options based on the chosen package [25]. The Anti-Bot Service provides comprehensive protection for various platforms, including web pages, HTML5, mobile apps, and API services [25].
One of the key features of the Anti-Bot Service is its ability to leverage large amounts of cyber threat intelligence to update protection policies against mass attacks [25]. This ensures that websites remain protected against evolving bot threats. For enhanced security, the service offers an SDK integration option for mobile apps, providing robust protection against bot traffic [25].
The Anti-Bot Service utilizes machine learning algorithms to analyze workload patterns and accurately detect bot traffic. Users can customize these algorithms through deep learning and combine them with other protection modules for more granular bot traffic detection and handling [25]. This approach significantly improves the overall protection capabilities of the service.
Content Moderation
Alibaba Cloud’s Content Moderation Service is an advanced tool that employs smart technology to identify and filter out inappropriate content across various media types, including images, videos, texts, and voice recordings [26]. This service plays a crucial role in maintaining a safe online environment by detecting and removing content related to adult themes, violence, and other harmful topics [26].
Key features of the Content Moderation Service include:
- Speed and Accuracy: The service provides real-time content checking with response times in milliseconds and boasts an accuracy rate of over 95% for content requiring filtering [26].
- Comprehensive Coverage: It offers thorough content filtering across multiple media types, effectively identifying harmful content such as violence, drug references, and offensive language [26].
- Scalability: The service leverages Alibaba Cloud’s vast experience in data analysis, processing billions of videos and images daily [26].
- Customization: Users can tailor the service to their specific needs, and its performance improves over time as it processes more data [26].
GameShield
GameShield is an innovative risk control model developed by Alibaba Cloud Security specifically for the gaming industry [27]. This service offers a comprehensive solution for addressing large-scale DDoS attacks (T-level) and connection flood attacks unique to the gaming sector [27]. Compared to traditional DDoS defense solutions, GameShield employs smart scheduling and data algorithms to effectively mitigate massive DDoS attacks at a lower cost [27].
Key features of GameShield include:
- Smart Scheduling: The service quickly separates “normal player” traffic from “hacker attack” traffic, distributing them to different nodes for efficient attack mitigation [27].
- End-to-End Encryption: This feature prevents minor DDoS attacks that simulate user behavior from reaching the client [27].
- Attacker Exposure: GameShield’s smart identification functions allow users to “hide” themselves while “exposing” hackers, effectively impairing attack devices and reversing the previously unequal DDoS offensive and defensive resource situation [27].
By leveraging these advanced security features, Alibaba Cloud users can significantly enhance their protection against various cyber threats, ensuring a safer and more secure online environment for their applications and services.
Conclusion
Alibaba Cloud’s advanced security services provide a robust foundation to protect digital assets and maintain compliance in the cloud era. From network security solutions to identity management and threat detection, these services offer a comprehensive approach to safeguard sensitive data and infrastructure. The platform’s commitment to security is evident in its continuous development of cutting-edge features like Anti-Bot Service, Content Moderation, and GameShield, which address specific security challenges in today’s digital landscape.
To wrap up, Alibaba Cloud’s security offerings empower businesses to focus on growth and innovation while ensuring their cloud environments remain secure and compliant. By leveraging these services, organizations can build a strong security posture, mitigate risks, and adapt to evolving cyber threats. As cloud adoption continues to rise, Alibaba Cloud’s security solutions are poised to play a crucial role in shaping the future of cloud security and enabling businesses to thrive in the digital world.
FAQs
What are some competitors of Alibaba Cloud?
Alibaba Cloud competes with several major cloud service providers including Amazon Web Services, Microsoft Azure, Google Cloud Platform, IBM Cloud, Oracle Cloud Infrastructure, Huawei Cloud, VMware Cloud on AWS, and DigitalOcean App Platform.
Does Alibaba offer cloud services?
Yes, Alibaba Cloud, established in 2009, is a subsidiary of Alibaba Group. It provides a comprehensive range of cloud services globally, such as elastic computing, storage solutions, networking, security, databases, and big data, serving as the digital technology and intelligence backbone of Alibaba Group.
What does Alibaba Cloud security entail?
Alibaba Cloud’s security framework includes a comprehensive compliance portfolio and services that protect businesses both in China and globally during their cloud transformation journey. Security responsibilities are shared between Alibaba Cloud and its customers, with customers being responsible for securing their applications on the cloud.
Which company is considered the best for cloud security?
According to expert opinions, some of the top cloud security companies include Astra Security, Commvault, HCL, Fortinet, Prisma (by Palo Alto), SentinelOne, Forcepoint ONE, and Cisco. All these companies offer cloud security services primarily through a Software as a Service (SaaS) platform.
References
[1] – https://www.alibabacloud.com/blog/alibaba-cloud-in-cybersecurity_600315
[2] – https://www.alibabacloud.com/blog/enhancing-data-privacy-unleashing-the-potential-of-the-alibaba-cloud-data-security-center_599994
[3] – http://alicloud-common.oss-ap-southeast-1.aliyuncs.com/Alibaba%20Cloud%20Security%20Whitepaper_v2_012017.pdf
[4] – http://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/download/pdf/DNCFW1839085_en-US_intl_190429201323_public_512e7b2e2381a483ad50d0aebd27bed1.pdf
[5] – https://www.alibabacloud.com/help/en/cloud-firewall/product-overview/functions-and-features
[6] – https://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/download%2Fpdf%2F71577%2FAnti-DDoS_Origin_intl_en-US.pdf
[7] – http://docs-aliyun.cn-hangzhou.oss.aliyun-inc.com/pdf/Wall-Application-Firewall-intl-waf-intro-intl-en-2017-03-24.pdf
[8] – https://www.alibabacloud.com/help/en/waf/web-application-firewall-3-0/product-overview/what-is-waf
[9] – http://docs-aliyun.cn-hangzhou.oss.aliyun-inc.com/pdf/kms-introductions-intl-en-2018-08-21.pdf
[10] – https://www.alibabacloud.com/blog/data-encryption-at-storage-on-alibaba-cloud_594581
[11] – https://www.alibabacloud.com/blog/alibaba-cloud-sensitive-data-discovery-and-protection_598142
[12] – https://orca.security/partners/technology/alibaba-cloud/
[13] – http://docs-aliyun.cn-hangzhou.oss.aliyun-inc.com/pdf/ram-intro-intl-en-2017-03-19.pdf
[14] – https://www.alibabacloud.com/help/en/idaas/eiam/product-overview/what-is-idaas
[15] – https://casdoor.github.io/docs/provider/saml/aliyun/
[16] – https://www.quora.com/What-is-bastion-host-in-Alibaba-cloud
[17] – https://www.alibabacloud.com/en/product/mss?_p_lc=1
[18] – http://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/download%2Fpdf%2F128100%2FOverview_of_Console_intl_en-US.pdf
[19] – https://www.alibabacloud.com/blog/detect-web-vulnerabilities-with-cloud-security-scanner_596283
[20] – https://www.alibabacloud.com/help/en/security-center/product-overview/functions-and-features
[21] – https://www.alibabacloud.com/help/en/cloud-config
[22] – https://www.alibabacloud.com/help/en/actiontrail/product-overview/what-is-actiontrail
[23] – https://www.alibabacloud.com/en/trust-center/compliance?_p_lc=1
[24] – https://www.alibabacloud.com/en/trust-center/compliance-repository-intro?_p_lc=1
[25] – https://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/download%2Fpdf%2F84639%2FPricing_reseller_en-US.pdf
[26] – https://yvolv.ae/protecting-the-digital-realm-exploring-alibaba-clouds-advanced-content-moderation-service/
[27] – https://www.alibabacloud.com/help/en/game-shield/latest/what-is-game-shield