Okay, let's move on to Chapter four. Domain for module for you'll probably hear you use all of those terms. They all mean the same thing. So with the main four, we have cloud applications, security. And, you know, we've talked about infrastructure. Ah, as a service we talked about platform is the service software as a service,
and ultimately, many of the things that we're looking to do is make applications.
Um, tohave our applications hosted in the cloud and did you so in a secure environment. So
let's talk about some of the ways that we can make our applications more secure. So we start off and we look at determining data sensitivity. Um, how sensitive is the data? What's its value?
Ah, what are the different security responsibility? So does the security reside with me, the customer or the cloud provider or somewhere in the middle? We'll talk about the software development lifecycle ah, which we always have to consider security, regardless, whether the application's gonna be hosted,
Then we'll look at something that I consider to be very, very valuable, which is the old lost top 10 list of vulnerabilities.
So ultimately, ah, the open web application Security project a wasp. Every few years they put out a top 10 list of vulnerabilities, and they make it so you know, they address these vulnerabilities and give some mitigating strategy, so we'll look over those
and again, that's not necessarily cloud driven. That's universal.
Ah, we'll also look at identity and access management and Federated Identity Identity Management. And then last but not least, we'll talk about testing our applications for security. So this a good model, very helpful in the realm, off applications security.