Security in cloud environments : using an open-source tool to secure the cloud platform
Kesseli, Tiina (2025)
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-202505069440
https://urn.fi/URN:NBN:fi:amk-202505069440
Tiivistelmä
The use of Cloud environments is widely used by companies and organizations. Companies store data related to the business operation and customer in large quantities. The thesis analyses the security aspects of cloud environments and the security environment they operate in.
This thesis is conducted for small businesses that do not have a large budget to invest in cloud security. The aim is to provide an overview of the main aspects to investigate and introduce the use of an open-source tool, which will be tested with Google Cloud and Amazon Web Services. The analysis will include an examination of the scan results and guidance on how to interpret them.
The research follows a qualitative approach by creating a test account in cloud platforms, scanning the environments using the open-source tool, and then analysing the results.
While an open-source tool can be useful for a small company in securing the environment and improving understanding of it, there are limitations. It also requires users to understand security features, as all changes in the cloud environment must be made by the user. A tool such as Scout Suite can provide recommendations and alert users to potential threats but does not take action on these matters.
This thesis is conducted for small businesses that do not have a large budget to invest in cloud security. The aim is to provide an overview of the main aspects to investigate and introduce the use of an open-source tool, which will be tested with Google Cloud and Amazon Web Services. The analysis will include an examination of the scan results and guidance on how to interpret them.
The research follows a qualitative approach by creating a test account in cloud platforms, scanning the environments using the open-source tool, and then analysing the results.
While an open-source tool can be useful for a small company in securing the environment and improving understanding of it, there are limitations. It also requires users to understand security features, as all changes in the cloud environment must be made by the user. A tool such as Scout Suite can provide recommendations and alert users to potential threats but does not take action on these matters.