Home/Glossary/Shared Responsibility Model

Shared Responsibility Model

A framework that outlines which security tasks the cloud provider handles versus what the customer must secure.

Cloud Security

Cloud vendors secure the infrastructure; customers secure the data, configurations, and user access.

Typical split

Provider responsibilities: Physical data centers, networking, hypervisor, core services like compute and storage.
Customer responsibilities: Identity and access management, data protection, workload configuration, compliance with industry regulations.

Why teams stumble

Assuming managed services are secure-by-default.
Failing to harden default IAM roles or storage buckets.
Overlooking logging and monitoring in shared environments.

Related Tools

View all articles

NIST 800-88 Media Sanitization Complete Guide: Clear, Purge, and Destroy Methods Explained

Master NIST SP 800-88 Rev. 1 media sanitization methods including Clear, Purge, and Destroy. Covers SSD vs HDD sanitization, crypto erase, degaussing, regulatory compliance, and building a media sanitization program.

Read article →

Threat Modeling with STRIDE and DREAD: A Complete Guide to Proactive Security Architecture

Master threat modeling with STRIDE and DREAD frameworks to identify, classify, and prioritize security threats before they become vulnerabilities. This comprehensive guide covers data flow diagrams, mitigation mappings, MITRE ATT&CK integration, and building an enterprise threat modeling program.

Read article →

Cloud Penetration Testing: A Complete Guide for AWS, Azure, and GCP

Cloud penetration testing requires different approaches than traditional network testing. Learn cloud provider policies, testing methodologies, and common findings across AWS, Azure, and GCP environments.

Read article →