IAM ผู้ให้บริการคลาวด์
Identity and access management systems and controls provided by cloud service vendors, enabling secure authentication, authorization, and governance of users and services in the cloud.
View termCategories
Cloud
Browse Cloud terms for cybersecurity professionals.
Languages
SIEM เนทีฟคลาวด์
A Security Information and Event Management platform built specifically for cloud architectures, offering elastic scalability, API integration, and advanced analytics for cloud-centric threat detection.
View termกริดหลอกลวงแบบกระจาย
A security architecture that uses distributed decoys, honeypots, and lures throughout the network or cloud to detect, delay, and analyze adversarial activity.
View termการควบคุมการเข้าถึงพื้นที่เก็บข้อมูล
Policies and mechanisms that restrict and monitor access to data storage systems, ensuring only authorized users or applications can read, modify, or delete data.
View termการควบคุมการเข้าถึงแบบปรับตัว
A dynamic security mechanism that adjusts access decisions in real-time based on user behavior, device health, risk context, and environmental factors.
View termการควบคุมถิ่นที่อยู่ของข้อมูล
Policies and technical mechanisms that ensure organizational data is stored, processed, and managed in specific legal or geographic locations to comply with jurisdictional requirements.
View termการควบคุมอินสแตนซ์ชั่วคราว
Security controls and automation for governing short-lived, temporary compute instances to prevent persistence, limit attack surface, and ensure secure provisioning and termination.
View termการค้นพบ Shadow IT
The process of identifying unauthorized or unmanaged IT systems, applications, or services within an organization, typically operating outside official security controls or compliance oversight.
View termการจัดการการลงทะเบียนอุปกรณ์
The process of registering and configuring devices to ensure compliance with security policies before granting access to enterprise resources or networks.
View termการจัดการสิทธิ์โครงสร้างพื้นฐาน
A process and toolset for discovering, controlling, and auditing permissions and access rights across cloud and hybrid infrastructure to minimize excessive privileges and enforce least privilege.
View termการจัดการอัตลักษณ์ที่มีสิทธิพิเศษ
A security discipline and toolset focused on discovering, controlling, and monitoring accounts with elevated access rights, ensuring least privilege, and detecting misuse or anomalies.
View termการจัดการแพตช์อัตโนมัติ
A systematic approach that uses software tools to automatically identify, acquire, test, and deploy security patches across cloud and on-premises assets, reducing exposure to known vulnerabilities. Referenced in NIST SP 800-40 Revision 4, CIS Control 7.
View termการจัดการใบรับรองอุปกรณ์
The process of issuing, deploying, renewing, and revoking digital certificates used to authenticate and secure devices within a network or cloud environment.
View termการตรวจจับการเปลี่ยนแปลงค่าการกำหนดค่า
The automated identification of unintended changes in system configurations from an approved baseline, used to prevent policy violations, security gaps, and compliance failures.
View termการตรวจจับและตอบสนองที่มีการจัดการ
A managed security service that provides continuous threat monitoring, detection, investigation, and active response to security incidents on behalf of an organization.
View termการตรวจจับและตอบสนองเอ็นด์พอยต์
A cybersecurity solution that monitors, detects, and responds to threats on endpoint devices in real time, integrating threat intelligence, automated analysis, and incident response workflows.
View termการตรวจสอบการเข้าถึงข้อมูลรับรอง
The process of continuously tracking, analyzing, and alerting on access to credentials (passwords, tokens, secrets) in order to detect misuse, unauthorized disclosure, or compromise.
View termการตรวจสอบการเข้าถึงคลาวด์
Systematic logging and analysis of access events in cloud environments to ensure compliance, detect anomalies, and support forensic investigations.
View termการตรวจสอบความสมบูรณ์ของโฮสต์
Continuous assessment of a host system’s files, processes, and configurations to detect unauthorized changes, tampering, or integrity violations indicating compromise.
View termการตรวจสอบความสอดคล้องอย่างต่อเนื่อง
The ongoing process of automatically assessing systems, configurations, and user activities to ensure adherence to regulatory and policy requirements at all times.
View termการตรวจสอบสิทธิ์หลายปัจจัย
A security mechanism requiring users to present two or more independent forms of evidence (factors) to verify their identity when accessing a system or application.
View termการตรึงใบรับรองคลาวด์
A security technique that restricts applications or devices to accept only specific trusted certificates or public keys when communicating with cloud services, mitigating man-in-the-middle attacks.
View termการตอบสนองเหตุการณ์คลาวด์
A structured approach to managing and mitigating security incidents in cloud environments, including preparation, detection, analysis, containment, eradication, recovery, and post-incident review.
View termการติดแท็กทรัพยากรคลาวด์
The process of assigning metadata labels to cloud resources to facilitate access management, cost allocation, compliance auditing, and automated policy enforcement.
View termการบล็อกสคริปต์ที่เป็นอันตราย
The detection and prevention of unauthorized, harmful scripts (such as JavaScript, PowerShell, or macros) from executing in cloud or endpoint environments to mitigate cyber threats.
View termการบังคับใช้การผูกโทเค็น
A security control requiring the cryptographic binding of authentication tokens to specific TLS sessions or client devices to prevent token theft and replay attacks.
View termการบังคับใช้นโยบายเอนด์พอยต์
The application of security controls to endpoints (e.g., laptops, mobiles) to ensure compliance with organizational security policies and prevent unauthorized access or activity.
View termการบังคับใช้สิทธิพิเศษน้อยที่สุด
The continuous process of restricting user, process, or system access rights to the minimum necessary to perform authorized activities, reducing the attack surface.
View termการบังคับใช้อัตรา API
A control that limits the number of API requests a client or application can make within a specific time frame to prevent abuse, denial of service, or resource exhaustion.
View termการบันทึกกิจกรรมคลาวด์
The process of capturing, storing, and analyzing logs of user actions, system events, and resource access within cloud environments to support security monitoring, auditing, and incident response.
View termการบันทึกเซสชันสิทธิพิเศษ
The logging and monitoring of all actions performed during privileged sessions, such as administrative or root access, to ensure accountability and forensic auditability.
View termการประเมินท่าทางของอุปกรณ์
The evaluation of a device's security state, such as patch levels, configurations, and presence of security controls, before granting access to sensitive resources.
View termการปรับใช้งานแพตช์เสมือน
The process of applying security controls, such as firewall rules or IPS signatures, to mitigate vulnerabilities without modifying the underlying code or software until a permanent patch is available.
View termการป้องกัน Credential Stuffing
Measures and technologies to detect, block, and mitigate automated login attempts using stolen or reused username-password pairs from data breaches.
View termการป้องกัน Metadata ของอินสแตนซ์
A security control that prevents unauthorized access to the metadata service of virtual machine or container instances, mitigating risks of credential theft and privilege escalation.
View termการป้องกันการงัดแงะเอนด์พอยต์
A security feature that prevents unauthorized users or malware from disabling, modifying, or bypassing endpoint security controls and agents.
View termการป้องกันการบุกรุกโฮสต์
A security solution deployed on host systems to proactively detect, block, and log malicious activity, such as exploits or unauthorized changes, before they compromise the host.
View termการป้องกันการยึดบัญชี
Security measures designed to detect and prevent unauthorized access to user accounts, including the use of MFA, behavioral analytics, and credential monitoring.
View termการป้องกันการสูญหายของข้อมูล
A suite of technologies and policies designed to detect, monitor, and prevent the unauthorized transmission or disclosure of sensitive information, whether in use, in motion, or at rest.
View termการป้องกันการหลบหนีของ Hypervisor
A set of security controls and techniques that prevent or detect attempts by virtual machines to break out of hypervisor containment and gain access to the host or other guest VMs.
View termการป้องกันการหลบหนีของคอนเทนเนอร์
Security controls and mechanisms implemented to prevent processes within a container from breaching isolation boundaries and accessing the host system or other containers.
View termการป้องกันการเล่นซ้ำโทเค็น
Security controls and techniques that ensure tokens, such as authentication or session tokens, cannot be reused by attackers to gain unauthorized access to resources.
View termการป้องกันภัยคุกคาม API
A set of security mechanisms designed to detect, block, and mitigate malicious activity targeting application programming interfaces, including attacks such as injection, abuse, and unauthorized access.
View termการผสานรวมบริการการรับรอง
The process of connecting systems to trusted attestation services that validate the integrity and security posture of cloud workloads or endpoints before granting access or deployment. Referenced in NIST SP 800-193 and IETF RFC 9334.
View termการมิเรอร์ทราฟฟิกคลาวด์
A cloud-native capability that duplicates network traffic to analysis tools for monitoring, threat detection, and compliance without impacting production systems.
View termการรับรองสุขภาพเอนด์พอยต์
A process by which the health state of an endpoint device is cryptographically measured and validated before it is allowed network or application access.
View termการลดภัยคุกคามถาวร
A set of proactive and reactive controls aimed at detecting, containing, and eradicating advanced persistent threats (APTs) within enterprise networks or cloud environments.
View termการล่าภัยคุกคามอัตโนมัติ
The continuous, proactive, and algorithm-driven search for threats and anomalies in an environment, using automated tools and machine learning to supplement human analyst investigations.
View termการวิเคราะห์ความสัมพันธ์ของกิจกรรมคลาวด์
The process of linking and analyzing disparate cloud events, logs, and telemetry to detect patterns indicative of threats, policy violations, or misconfigurations.
View termการวิเคราะห์พฤติกรรมขณะรันไทม์
Continuous monitoring and assessment of applications’ or systems’ activities during execution to detect anomalies or threats by comparing behavior against established baselines.
View termการวิเคราะห์พฤติกรรมผู้ใช้
Advanced analytics that monitor and analyze user activity patterns to detect insider threats, compromised accounts, and policy violations in real time.
View termการสแกนช่องโหว่แบบไม่ใช้เอเจนต์
A vulnerability assessment performed without installing agents on target systems, using network, API, or credentialed scans to identify security weaknesses in cloud and endpoint assets.
View termการสแกนอิมเมจคอนเทนเนอร์
The process of automatically analyzing container images for vulnerabilities, malware, and policy violations before deployment to production environments.
View termการหมุนกุญแจอัตโนมัติ
A security control that automatically replaces cryptographic keys at predefined intervals to minimize the risk of key compromise and ensure ongoing data confidentiality.
View termการห่อฟังก์ชันเซิร์ฟเวอร์เลส
The security practice of encapsulating serverless functions within wrappers or middleware to enforce policy, perform input validation, and monitor execution context before invoking business logic.
View termการเก็บรวบรวมทางนิติวิทยาศาสตร์ของเอนด์พอยต์
The process of acquiring and preserving digital evidence from cloud or on-premises endpoints in a manner consistent with legal and organizational requirements for later analysis. Documented in NIST SP 800-86 and ISO/IEC 27037.
View termการเข้าถึง Just In Time
A privileged access management method that grants users temporary, time-bound, and auditable access rights to critical systems only when needed, reducing the risk of standing privileges.
View termการเข้าถึงข้ามผู้เช่า
The mechanism by which users, services, or applications are granted permission to access resources across different isolated tenants in a multi-tenant cloud environment, with strict access controls and monitoring.
View termการเข้ารหัสพื้นที่จัดเก็บข้อมูลคลาวด์
The use of cryptographic techniques to protect data stored in cloud environments, ensuring confidentiality and integrity both at rest and in transit.
View termการแก้ไขตามนโยบาย
Automated or manual corrective actions triggered by predefined policies to mitigate detected security incidents or configuration deviations.
View termการแจ้งเตือนการกำหนดค่าทรัพยากรผิดพลาด
Automated notification generated when a cloud resource, such as storage or compute, is configured in a way that exposes it to risk or violates policy.
View termการแจ้งเตือนการนำข้อมูลออก
The real-time detection and notification of unauthorized attempts to transfer sensitive or regulated data out of protected environments.
View termการแบ่งส่วนเครือข่ายคลาวด์
The practice of dividing cloud-based network environments into distinct, isolated segments to enforce security boundaries, restrict lateral movement, and apply policy controls, typically using software-defined networking (SDN) principles. Referenced in NIST SP 800-125A and ISO/IEC 27033-6.
View termการแบ่งส่วนเครือข่ายคลาวด์
The process of dividing a cloud network into isolated segments or zones to control traffic flow and limit lateral movement by attackers. Enables granular access controls and policy enforcement between workloads.
View termการแมปข้อมูลประจำตัวทรัพยากร
The process of associating digital resources (such as VMs, APIs, or storage objects) with unique, verifiable identities for secure access control and audit.
View termการแมปอัตลักษณ์แบบเฟเดอเรท
A process that links user identities from external or partner identity providers to local systems, enabling single sign-on, unified access control, and secure collaboration.
View termการแยก Runtime ของคอนเทนเนอร์
A set of controls and configurations that ensure each running container is logically and physically separated from other containers, the host, and network resources, mitigating risks of lateral movement and escape.
View termการแยกระบบปฏิบัติการเกสต์
The practice of isolating virtual machines (guests) from each other and from the host system to prevent unauthorized access and limit the impact of potential breaches in multi-tenant cloud environments.
View termการแยกเบราว์เซอร์จากระยะไกล
A security technique in which a user’s web browsing session is executed on a remote server, isolating all web content from the user’s local environment to prevent endpoint compromise.
View termการให้คะแนนความเชื่อถือของอุปกรณ์
A security metric that evaluates the trustworthiness of a device based on hardware, software, configuration, compliance posture, and real-time risk signals to inform access decisions.
View termการให้คะแนนความเสี่ยงแบบไดนามิก
A continuous process that calculates the real-time security risk posed by users, devices, or applications based on behavior, context, and threat intelligence.
View termข่าวกรองภัยคุกคามคลาวด์
The process of gathering, analyzing, and operationalizing information about cloud-specific threats, adversary tactics, and vulnerabilities to inform cloud security controls and incident response. Cited in NIST SP 800-150 and MITRE ATT&CK® for Cloud.
View termข่าวกรองภัยคุกคามเอนด์พอยต์
The real-time collection and analysis of threat indicators and adversary tactics from endpoint devices to enhance detection, response, and proactive defense.
View termคลาวด์ส่วนตัวเสมือน
A logically isolated section of a public cloud where organizations can launch resources in a virtual network that they define and control, often with custom security policies and network segmentation.
View termความปลอดภัยของคอนเทนเนอร์แอปพลิเคชัน
Practices and controls for securing containerized applications and environments, including image scanning, runtime protection, and isolation to prevent unauthorized access and compromise.
View termความปลอดภัยของเซอร์วิสเมช
A set of controls, policies, and tools for ensuring secure communication, authentication, and authorization between microservices within a service mesh architecture.
View termความปลอดภัยของเดสก์ท็อปเสมือน
Practices, controls, and technologies used to secure virtual desktop infrastructure (VDI) and virtual desktops in cloud and on-premises environments against unauthorized access, data leakage, and malware.
View termตัวกลางเข้าถึงคลาวด์
A security policy enforcement point between cloud service users and providers that ensures enterprise security requirements, such as access controls, compliance, and data protection, are applied to cloud resources.
View termตาข่ายความปลอดภัยไมโครเซอร์วิส
A distributed security framework that provides consistent identity, policy enforcement, and encrypted communication across microservices within cloud-native and containerized environments.
View termนายหน้าความปลอดภัย SaaS
A security model and technology platform that intermediates access between enterprise users and SaaS applications, enforcing security, compliance, and policy controls.
View termนโยบายการกักกันเอนด์พอยต์
A defined set of rules for isolating endpoints that exhibit suspicious or non-compliant behavior to prevent them from accessing sensitive systems or networks until remediated.
View termนโยบายการจัดทำบัญชีขาวของแอปพลิเคชัน
A security control that restricts the execution of software to only pre-approved applications, preventing unauthorized or malicious programs from running.
View termนโยบายการเข้าถึงแบบมีเงื่อนไข
A security rule that grants or blocks access to resources based on specific conditions such as user location, device posture, risk level, or group membership.
View termนโยบายการแบ่งปันทรัพยากร
A set of security rules and access controls governing how digital resources such as data, storage, and APIs are shared among users, groups, or external entities.
View termนโยบายการแยกงานโหลด
A security policy that enforces strict logical and sometimes physical separation of workloads to prevent unauthorized access or lateral movement in cloud and hybrid environments.
View termนโยบายความปลอดภัยแบบไร้เซิร์ฟเวอร์
A set of security controls and guidelines specifically designed to protect serverless computing architectures by restricting permissions, monitoring function code, and ensuring secure event triggers.
View termนโยบายไฟร์วอลล์โฮสต์
A defined set of rules and configurations that control inbound and outbound network traffic at the individual host or VM level to reduce attack surface and prevent unauthorized access.
View termนโยบายไมโครเซ็กเมนเทชัน
A granular security approach that divides networks into isolated segments at the workload or application level, enforcing tailored controls to limit lateral movement and contain breaches.
View termบริการจัดการคีย์
A centralized service or system that creates, stores, rotates, and manages cryptographic keys used for securing data at rest and in transit within cloud and enterprise environments.
View termบริการแยกเบราว์เซอร์
A security mechanism that isolates end-users’ web browsing activity from the endpoint or corporate network by running browser sessions in a remote or virtualized environment.
View termผู้ให้บริการความปลอดภัยแบบจัดการ
An external organization that delivers outsourced security monitoring, management, and incident response services for client environments, including cloud, on-premises, or hybrid systems. Cited in NIST SP 800-171 and ISO/IEC 27001.
View termมาร์กอัปการรับรองความปลอดภัย
An XML-based framework (SAML) for exchanging authentication and authorization data between security domains, commonly used for single sign-on (SSO) in web applications.
View termระบบอัตโนมัติการค้นหาทรัพย์สิน
The automated identification and inventory of all devices, cloud resources, software, and services within an organization’s digital environment for improved visibility and security.
View termวงจรชีวิตตัวตนเครื่องจักร
The complete set of processes for creating, managing, renewing, and retiring machine identities (e.g., certificates, keys) across IT assets to ensure proper authentication and authorization.
View termสถานะความปลอดภัยคลาวด์
The overall security status and configuration of cloud services, assets, and workloads in accordance with organizational and regulatory requirements. Assessed and managed using continuous monitoring, benchmarking, and automated remediation to reduce risk.
View termสถาปัตยกรรม Zero Trust
A security model based on the principle that no user, device, or network component should be trusted by default. Enforces strict identity verification and continuous authorization regardless of location.
View termสหพันธ์คลาวด์ไฮบริด
The operational model enabling secure interoperability and resource management across multiple private and public cloud infrastructures under unified governance, supporting workload mobility and policy enforcement.
View termเกตเวย์การเข้ารหัสคลาวด์
A security appliance or service that encrypts sensitive data before it is transferred to cloud services, ensuring confidentiality and compliance with data protection policies.
View termเกตเวย์ความปลอดภัย API
A dedicated service or device that provides centralized security controls for APIs, including authentication, authorization, rate limiting, input validation, and threat protection.
View termแพลตฟอร์มปกป้องเวิร์กโหลด
A cloud-native security solution that provides visibility and real-time protection for workloads—such as virtual machines, containers, and serverless functions—across public, private, and hybrid clouds.
View termโปรโตคอลรับรองระยะไกล
A cryptographic protocol that enables a verifier to remotely validate the integrity and trustworthiness of a device or system before allowing network or application access.
View termโปรโตคอลเฟเดอเรชันระบุตัวตน
A standardized mechanism allowing multiple organizations or domains to securely share and validate user identities using protocols such as SAML, OAuth, or OpenID Connect.
View termโมดูลแพลตฟอร์มที่เชื่อถือได้
A hardware security chip designed to securely store cryptographic keys, certificates, and perform integrity checks to ensure device trustworthiness.
View term