The goal of this guide is to provide a high-level understanding of each of the 11 cloud threats and essential mitigation techniques as organizations consider how those threats fit into a broader security program. What you’ll notice throughout is that there are a lot of interrelated elements and controls that can yield multiple leverage points.
An interesting trend in this fourth edition is that traditional cloud security issues that are directly under the control of the cloud service provider (CSP), e.g. denial of service and shared technology vulnerabilities, absent. This reflects a trend where security concerns are higher up the tech stack, more toward those business applications deployed on CSP infrastructure and the services and APIs used to power them.