There are many different attack scenarios in cloud computing. Each layer in the cloud stack has the potential to expose a ruinous vulnerability. This includes the hosted applications, the virtualization environments, server hardware and other infrastructure necessary to support a cloud solution. These are the things that keep security-minded cloud service providers up at night.
To help alleviate some of these concerns, cloud service providers should be demanding that their vendors deliver best-in-class security solutions for each layer in their system. The obvious question, however, is how does one know if the vendor’s security story is good enough? This article deals with some of the issues one can raise with their vendors to better protect your infrastructure from attacks.