Cloud Security Notification Framework

Faisal Mirza

Enterprise Security Architect at EY GDS

Published May 7, 2021

CSNF provides a standardized way for enterprise cloud consumers to receive security events, alarms, logs, etc., from all cloud providers. CSNF is implemented via a concept called a “decorator.” The decorator decorates security messages from AWS, GCP, Azure, IBM Cloud, and more and puts them into a common format.

This format has a range of attributions, two of which are to map security events to MITRE ATT&CK and NIST controls. This is how a common language is provided, and all providers will use standard meanings of terms. The decorator creates a common security information model, which has hugely positive implications for the industry

Source : Cloud Security Notification Framework (CSNF) Seeks to Standardize Security Notifications from Cloud Providers - DevPro Journal

To view or add a comment, sign in

Enterprise Security Architecture: A Business-Driven Approach

May 8, 2021

Cloud Security Notification Framework

Faisal Mirza

Enterprise Security Architect at EY GDS

More articles by this author

Others also viewed

Can you see everything in your cloud? If not, this blog is for you.

AWS Shared Responsibility Model

Threats and Vulnerabilities Hiding in the Cloud

Key Considerations for Planning Your Cloud Virtual Network (Azure)

Cybersecurity with Cloud Computing (Lynda.com)

Understanding the Power of VPCs in AWS: A Deep Dive

Cloud Computing/DevOps journey

Building a Secure Foundation on AWS – Security Best Practices for Beginners

You Can't Control What You Can't Prove. Can YOU Provide Compliance on Cloud?

Creating a Robust Cloud Security Architecture

Explore topics

Enterprise Security Architecture: A Business-Driven Approach

May 8, 2021