{"id":15269,"date":"2023-06-13T11:54:30","date_gmt":"2023-06-13T09:54:30","guid":{"rendered":"http:\/\/www.orbit.cz\/?post_type=encyklopedie-cloudu&#038;p=15269"},"modified":"2025-09-03T10:03:14","modified_gmt":"2025-09-03T08:03:14","slug":"sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu","status":"publish","type":"encyklopedie-cloudu","link":"http:\/\/4.184.192.234\/en\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/","title":{"rendered":"Vulnerability scanning: how to counter threats in the public cloud?"},"content":{"rendered":"<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"508\" src=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-1024x508.jpg\" alt=\"Vulnerability scanning or how to prevent security threats in the public cloud | ORBIT Cloud Encyclopedia\" class=\"wp-image-15270\" srcset=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-1024x508.jpg 1024w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-300x149.jpg 300w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-768x381.jpg 768w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-1536x762.jpg 1536w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-scaled.jpg 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>\n\n<style>.wp-block-kadence-column.kb-section-dir-horizontal > .kt-inside-inner-col > .kt-info-box15269_3bd9b2-03 .kt-blocks-info-box-link-wrap{max-width:unset;}.kt-info-box15269_3bd9b2-03 .kt-blocks-info-box-link-wrap{background:#ffffff;padding-top:var(--global-kb-spacing-xs, 1rem);padding-right:var(--global-kb-spacing-xs, 1rem);padding-bottom:var(--global-kb-spacing-xs, 1rem);padding-left:0px;}.kt-info-box15269_3bd9b2-03.wp-block-kadence-infobox{max-width:100%;}.kt-info-box15269_3bd9b2-03 .kadence-info-box-image-inner-intrisic-container .kadence-info-box-image-intrisic{padding-bottom:100%;max-width:100%;}.kt-info-box15269_3bd9b2-03 .kadence-info-box-icon-container .kt-info-svg-icon, .kt-info-box15269_3bd9b2-03 .kt-info-svg-icon-flip, .kt-info-box15269_3bd9b2-03 .kt-blocks-info-box-number{font-size:50px;}.kt-info-box15269_3bd9b2-03 .kt-blocks-info-box-media{border-radius:200px;overflow:hidden;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;}.kt-info-box15269_3bd9b2-03 .kt-infobox-textcontent p.kt-blocks-info-box-title{font-size:var(--global-kb-font-size-md, 1.25rem);font-weight:400;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;margin-top:0px;margin-right:0px;margin-bottom:10px;margin-left:0px;}.wp-block-kadence-infobox.kt-info-box15269_3bd9b2-03 .kt-blocks-info-box-text{font-style:normal;font-weight:bold;}.kt-info-box15269_3bd9b2-03 .kt-blocks-info-box-learnmore{background:transparent;border-width:0px 0px 0px 0px;padding-top:4px;padding-right:8px;padding-bottom:4px;padding-left:8px;margin-top:10px;margin-right:0px;margin-bottom:10px;margin-left:0px;}<\/style>\n<div class=\"wp-block-kadence-infobox kt-info-box15269_3bd9b2-03 orbit-testimonial-second\"><span class=\"kt-blocks-info-box-link-wrap info-box-link kt-blocks-info-box-media-align-left kt-info-halign-left\"><div class=\"kt-blocks-info-box-media-container\"><div class=\"kt-blocks-info-box-media kt-info-media-animate-none\"><\/div><\/div><div class=\"kt-infobox-textcontent\"><p class=\"kt-blocks-info-box-title\"><span style=\"text-decoration: underline;\"><a href=\"http:\/\/4.184.192.234\/en\/encyklopedie-cloudu\/sprava-cloudu-1-nepatchujte-redeployujte\/\" target=\"_blank\" rel=\"noopener\">In the previous episode<\/a><\/span> we compared patch management in an on-premise environment with a cloud environment. In this article, we'll look at security in the cloud, focusing on vulnerability scanning, patching and updating software and libraries, and continuously monitoring the health of our solution.<\/p><p class=\"kt-blocks-info-box-text\"><\/p><\/div><\/span><\/div>\n\n\n\n<p>Cybersecurity is a hot topic and will continue to be. Just as we know the principles of occupational health and safety (OHS) and fire protection (FP), so too should our knowledge of cyber security.<\/p>\n\n\n\n<p>Cybersecurity today is no longer just about firewalls and antivirus, but also about setting up processes, rules and responding to current threats. It's not just about IT, but also about the behaviour of employees and suppliers. <strong>So we all have a responsibility for data security<\/strong>not only in the context of work, but also in private life. What threats are lurking?<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>1) Incorrectly configured resources<br><\/strong><\/h2>\n\n\n\n<p>Misconfiguration of cloud services can lead to many vulnerabilities. An example is <strong>poorly set up access to cloud services<\/strong> or <strong>misconfiguration of firewalls<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Incorrect configuration of access rules in S3 bucket<\/strong><\/h3>\n\n\n\n<p>Quite regularly there are media reports of sensitive data leaks due to misconfigured access rules in the S3 bucket (data store in AWS). Sometimes this is outright shenanigans when the S3 bucket is publicly accessible. Usually, however, it's a matter of misconfigured access rules (e.g., just having any AWS account to access a given S3 bucket).<\/p>\n\n\n\n<p><strong>Examples of known incidents:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong><em>Capital One (July 2019): <\/em><\/strong><em>An attacker stole the personal and financial information of more than 100 million customers and gained access to sensitive data. Capital One misconfigured the S3 bucket and left it publicly accessible.<\/em><\/li>\n\n\n\n<li><strong><em>Uber (2016):<\/em><\/strong><em> A misconfigured Amazon S3 bucket caused a data breach that affected more than 57 million customers and drivers and led to the disclosure of personal data.<\/em><\/li>\n\n\n\n<li><strong><em>Verizon (July 2017):<\/em><\/strong><em> A misconfigured S3 bucket operated by a third party caused the personal data of 6 million customers to be leaked. The incident involved the exposure of data such as customer names, addresses and identification numbers.<\/em><\/li>\n\n\n\n<li><strong><em>Dow Jones (July 2017):<\/em><\/strong><em> Due to a misconfigured S3 bucket, the company accidentally exposed the personal information of more than 2.2 million of its customers.<\/em><\/li>\n\n\n\n<li><strong><em>Accenture (September 2017):<\/em><\/strong><em> The company accidentally left four S3 buckets publicly accessible, resulting in the exposure of sensitive data, including company passwords and system access credentials.<\/em><\/li>\n<\/ol>\n\n\n\n<p><em>You can see other known cases in&nbsp;<\/em><span style=\"text-decoration: underline;\"><a href=\"https:\/\/www.google.com\/search?q=leaked+documents+because+of+wrong+s3+policies&amp;oq=leaked+documents+because+of+wrong+s3+policies\" target=\"_blank\" rel=\"noopener\"><em>these articles<\/em><\/a><\/span><em>.<\/em><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Firewalls misconfiguration<\/strong><\/h3>\n\n\n\n<p><span style=\"text-decoration: underline;\"><a href=\"http:\/\/4.184.192.234\/en\/encyklopedie-cloudu\/jak-pomuze-nis2-zvysit-i-vasi-kybernetickou-bezpecnost\/\" target=\"_blank\" rel=\"noopener\">Requirements of the NIS2 Directive<\/a><\/span> are nothing new in the field of cybersecurity. Did your organization fall under <em>Cybersecurity Act<\/em> or do you have an information security management system in place? Then there is a minimum of news waiting for you.<\/p>\n\n\n\n<p>Is cybersecurity a new topic for you? Then yes, you will need to make a greater effort to meet your new obligations. But there's no need to panic.<\/p>\n\n\n\n<p>Although cloud environments enable network microsegmentation using <em>AWS Security Group<\/em> or <em>Azure Network Security Group<\/em>, it happens that <strong>firewalls remain completely open to the entire internet<\/strong> (or \"just\" some important ports like 22 or 3389).<\/p>\n\n\n<style>.wp-block-kadence-column.kb-section-dir-horizontal > .kt-inside-inner-col > .kt-info-box15269_523fc4-27 .kt-blocks-info-box-link-wrap{max-width:unset;}.kt-info-box15269_523fc4-27 .kt-blocks-info-box-link-wrap{background:#ffffff;padding-top:var(--global-kb-spacing-xs, 1rem);padding-right:var(--global-kb-spacing-xs, 1rem);padding-bottom:var(--global-kb-spacing-xs, 1rem);padding-left:0px;}.kt-info-box15269_523fc4-27.wp-block-kadence-infobox{max-width:100%;}.kt-info-box15269_523fc4-27 .kadence-info-box-image-inner-intrisic-container .kadence-info-box-image-intrisic{padding-bottom:100%;max-width:100%;}.kt-info-box15269_523fc4-27 .kadence-info-box-icon-container .kt-info-svg-icon, .kt-info-box15269_523fc4-27 .kt-info-svg-icon-flip, .kt-info-box15269_523fc4-27 .kt-blocks-info-box-number{font-size:50px;}.kt-info-box15269_523fc4-27 .kt-blocks-info-box-media{border-radius:200px;overflow:hidden;border-top-width:0px;border-right-width:0px;border-bottom-width:0px;border-left-width:0px;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;}.kt-info-box15269_523fc4-27 .kt-infobox-textcontent p.kt-blocks-info-box-title{font-size:var(--global-kb-font-size-md, 1.25rem);padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;margin-top:0px;margin-right:0px;margin-bottom:10px;margin-left:0px;}.wp-block-kadence-infobox.kt-info-box15269_523fc4-27 .kt-blocks-info-box-text{font-weight:400;}.kt-info-box15269_523fc4-27 .kt-blocks-info-box-learnmore{background:transparent;border-width:0px 0px 0px 0px;padding-top:4px;padding-right:8px;padding-bottom:4px;padding-left:8px;margin-top:10px;margin-right:0px;margin-bottom:10px;margin-left:0px;}<\/style>\n<div class=\"wp-block-kadence-infobox kt-info-box15269_523fc4-27 orbit-testimonial-second\"><span class=\"kt-blocks-info-box-link-wrap info-box-link kt-blocks-info-box-media-align-left kt-info-halign-left\"><div class=\"kt-blocks-info-box-media-container\"><div class=\"kt-blocks-info-box-media kt-info-media-animate-none\"><\/div><\/div><div class=\"kt-infobox-textcontent\"><p class=\"kt-blocks-info-box-title\">Comrades from not-so-friendly countries are just waiting to join your server. Go ahead and create a publicly accessible server and let it run for an hour. Then check the log for the number of failed connection attempts. My guess is that you will see thousands of connection attempts. There are bots lurking on the Internet to crack any available system.<\/p><p class=\"kt-blocks-info-box-text\"><\/p><\/div><\/span><\/div>\n\n\n\n<p>In general, the <strong>no system should be publicly available<\/strong> (i.e. not to have a public IP address) unless absolutely necessary. And if it is necessary, it should only be made available to known IP addresses.<\/p>\n\n\n\n<p>Cloud platforms offer us (often for free) tools and recommendations on how to secure our systems in the cloud. But it is up to us to know about them and to implement them.<\/p>\n\n\n\n<p>All the big clouds define some form of shared responsibility model in which they say they take responsibility for the security of the cloud itself. However, <strong>the customer is responsible for the configuration of the cloud and the applications that run on it<\/strong>&nbsp;(see <span style=\"text-decoration: underline;\"><a href=\"http:\/\/4.184.192.234\/en\/encyklopedie-cloudu\/8-principu-se-kterymi-zajistite-bezpecnost-v-cloudu\/\" target=\"_blank\" rel=\"noopener\">8 principles to ensure security in the cloud<\/a><\/span>).<\/p>\n\n\n\n<figure class=\"wp-block-image alignnone wp-image-15272 size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"551\" src=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-02-schema-1024x551.png\" alt=\"AWS shared responsibility model | ORBIT\" class=\"wp-image-15272\" srcset=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-02-schema-1024x551.png 1024w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-02-schema-300x162.png 300w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-02-schema-768x413.png 768w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-02-schema.png 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>AWS shared responsibility model (source: <\/em><a href=\"https:\/\/aws.amazon.com\/compliance\/shared-responsibility-model\/\" target=\"_blank\" rel=\"noopener\"><em>https:\/\/aws.amazon.com\/compliance\/shared-responsibility-model\/<\/em><\/a><em>)<\/em><\/figcaption><\/figure>\n\n\n\n<p>We write about how to verify your cloud settings in the following paragraph <span style=\"text-decoration: underline;\"><a href=\"#skenovani_zranitelnosti_cloudoveho_prostredi\">cloud configuration scanning<\/a><\/span>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>2) Bad authentication and authorization settings<\/strong><\/h2>\n\n\n\n<p>Once an attacker gains access to a user's account, they can also gain access to sensitive data and resources. Weak passwords, insufficient authentication and authorization, and other factors are usually to blame.<\/p>\n\n\n\n<p>As a complete basis for logging into the cloud, the following should be required <span style=\"text-decoration: underline;\"><a href=\"http:\/\/4.184.192.234\/en\/virtualni-pracovni-misto\/\" target=\"_blank\" rel=\"noopener\">multifactor authentication<\/a><\/span>&nbsp;(In addition to your name and password (or access keys), you will need a one-time password (OTP), which will be generated by the mobile app or sent to you by email (or SMS).<\/p>\n\n\n\n<p>You can also allow access to the cloud only from certain IP addresses.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>3) Bugs in software and libraries<br><\/strong><\/h2>\n\n\n\n<p>Attackers can also exploit known vulnerabilities in outdated software and libraries. They can be caused by poor code implementation, vulnerabilities in software libraries or misconfiguration.<\/p>\n\n\n\n<p>We cover how to approach known software bugs in a separate section <span style=\"text-decoration: underline;\"><a href=\"#skenovani_zranitelnosti_v_aplikacich\">scanning for vulnerabilities in applications<\/a><\/span>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>4) Insufficient data security <\/strong><\/h2>\n\n\n\n<p>Inadequate data security can lead to the theft of sensitive information. Poor quality encryption, inadequate data storage or inadequate access controls are often to blame.<\/p>\n\n\n\n<p>Theoretically, I should convince you that the only correct concept to ensure better security of stored data is to minimize access rights for users. But personally, I prefer a different approach: let's give users <strong>maximum possible rights<\/strong>so they can use the cloud meaningfully and independently. Provided, of course, that they <strong>all users properly trained<\/strong> and be aware of the risks associated with the cloud environment.<\/p>\n\n\n\n<p>This can be elegantly addressed by creating multiple cloud environments for individual applications\/teams. Everyone then \"plays on their own turf\" and if they \"break something\" it doesn't affect the others.<\/p>\n\n\n\n<p>If even the cloud administrator should not have access to some sensitive data, we must <strong>encrypt data on the client side<\/strong> (i.e. in the application) and store encryption keys outside the cloud itself (e.g. external HSM).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>5) DDoS attacks<br><\/strong><\/h2>\n\n\n\n<p>Distributed Denial of Service (DDoS) attacks are also common in the public cloud. Attackers use many devices to send a large number of legitimate requests to a target server, which can cause <strong>application unavailability and service outage<\/strong>.<\/p>\n\n\n\n<p>Using the cloud to minimize the impact of a DDoS attack is still the way to go for several reasons:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloud platforms have \"rich\" experience with DDoS and offer <strong>services to help protect<\/strong> (<em>AWS Shield<\/em>, <em>Azure DDoS Protection<\/em>, <em>Google Cloud Armor<\/em>).<\/li>\n\n\n\n<li>Cloud platforms have <strong>massive connectivity to the internet<\/strong>that cannot be as easily overloaded as an internet connection to an on-premise datacentre.<\/li>\n\n\n\n<li><strong>Automatic application scaling<\/strong> (autoscaling) can be configured in such a way that it can absorb an increased number of requests until the attack stops.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>6) Bad API management <\/strong><\/h2>\n\n\n\n<p>APIs (Application Programming Interfaces) are an increasingly important part of modern applications and systems, so it is important to ensure their security.<\/p>\n\n\n\n<p>Various security issues can arise when managing APIs - for example, improper authentication and authorization can allow an attacker to access API functions to which they are not authorized. Unauthorized access can also occur if an attacker <strong>obtains access data from an authorised user<\/strong> or <strong>finds a vulnerability in the API that can be exploited<\/strong>.<\/p>\n\n\n\n<p>To create APIs in the cloud, we should use <strong>dedicated services<\/strong> (<em>AWS API Gateway<\/em>, <em>Azure API Management<\/em>, <em>GCP API Gateway<\/em>). These should be integrated with other services for strong authentication and authorization (<em>AWS Cognito<\/em>, <em>Azure AD<\/em>). We should set proper rate limits (the number of requests in a certain period of time so that users can't bombard our API). Alternatively, we can also use a Web Application Firewall to protect against application layer attacks.<br><a id=\"skenovani_zranitelnosti_cloudoveho_prostredi\"><\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Security scanning<\/strong><\/h2>\n\n\n\n<p>Vulnerabilities in the cloud can be divided into two main categories: cloud configuration issues and vulnerabilities in the software we run in the cloud. It is important to stress that proper cloud protection <strong>requires a combination of preventive measures in both areas<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Cloud Configuration Scanning<\/strong><\/h3>\n\n\n\n<p>Public clouds have mechanisms (<em>AWS Service Control Policies<\/em>, <em>Azure Policy<\/em>), which can be used to <strong>completely prohibit certain activities<\/strong>. For example, it will not allow a user to create a subnet that is accessible from the Internet, so it will not be able to create a server that is accessible from the Internet.<\/p>\n\n\n\n<p>There are even <strong>pre-prepared sets of policies<\/strong>with which you can be compliant with, for example, ISO standards, or <strong>security benchmarks<\/strong>.<\/p>\n\n\n\n<p>However, there may be cases where we do not (or cannot) explicitly disable something, but still need the configuration to meet certain requirements, such as PCI DSS. In AWS, we use the service <strong><em>AWS Config<\/em><\/strong>which allows you to monitor the configuration of our AWS environment and its changes.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>AWS Config &amp; Change Analysis<\/strong><\/h4>\n\n\n\n<p>Scanning for vulnerabilities in AWS environments using <span style=\"text-decoration: underline;\"><a href=\"https:\/\/aws.amazon.com\/config\/\" target=\"_blank\" rel=\"noopener\">AWS Config<\/a><\/span> is used to identify changes in the configuration that might indicate a security risk or a violation of the rules. We are therefore able to quickly identify and respond to problems. <em>AWS Config<\/em> can create alerts or trigger actions to automatically fix the problem.<\/p>\n\n\n\n<p>In addition, it can <em>AWS Config<\/em> help with auditing and change history. It stores the configuration history of your environment. This makes it possible to view configuration changes backwards and check who made the changes and when (which can be useful for auditing).<\/p>\n\n\n\n<p><em>AWS Config<\/em> after integration with other AWS services <strong>dramatically improve the monitoring of your AWS environment<\/strong> and identifies potential security risks and configuration issues.<\/p>\n\n\n\n<p>In the Azure world, the tool works analogously <span style=\"text-decoration: underline;\"><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/azure-monitor\/change\/change-analysis-enable\" target=\"_blank\" rel=\"noopener\">Change analysis<\/a><\/span>that searches for configuration changes to supported resources.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>CVE (Common Vulnerabilities and Exposures)<\/strong><\/h4>\n\n\n\n<p>CVE is <strong>a program to identify, describe and record publicly known cyber vulnerabilities<\/strong>. Each discovered vulnerability is classified according to its severity (critical, high, medium, low, none) and stored in the CVE database (at the time of writing, it had 203,653 entries).<\/p>\n\n\n<div class=\"wp-block-image alignnone size-full wp-image-15274\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"370\" height=\"360\" src=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-03-schema.png\" alt=\"CVE (Common Vulnerabilities and Exposures) | ORBIT\" class=\"wp-image-15274\" srcset=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-03-schema.png 370w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-03-schema-300x292.png 300w\" sizes=\"auto, (max-width: 370px) 100vw, 370px\" \/><figcaption class=\"wp-element-caption\">https:\/\/www.cve.org\/<\/figcaption><\/figure>\n<\/div>\n\n\n<p>The CVE database was created to standardize vulnerability reporting and provide users with an easy way to <strong>identify potential security threats and<\/strong> <strong>minimise risks<\/strong>.<\/p>\n\n\n\n<p>In recent years, alternatives to the CVE database have emerged that attempt to address some of its shortcomings (e.g., the problem with the speed of vulnerability disclosure). However, the CVE database still remains a key tool for security experts and organisations worldwide.<br><a id=\"skenovani_zranitelnosti_v_aplikacich\"><\/a><\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>Scanning for vulnerabilities in applications<\/strong><\/h4>\n\n\n\n<p>There are a number of tools and solutions for vulnerability scanning. It's just a matter of picking one and starting to use it (<span style=\"text-decoration: underline;\"><a href=\"https:\/\/owasp.org\/www-community\/Vulnerability_Scanning_Tools\" target=\"_blank\" rel=\"noopener\"><em>Vulnerability Scanning Tools<\/em><\/a><\/span>, <em>Orca Cloud Security<\/em>, <em>Amazon Inspector<\/em>, <em>Azure Defender for Cloud<\/em> and others).<\/p>\n\n\n\n<p>Normally, security scanning is done at the beginning when writing application code. Then the container is eventually scanned when it is uploaded to the repository, but that's about it. Who would bother <strong>regular security scans<\/strong>? After all, we have a perimeter firewall, so no one can get to us (besides, we are already busy).<\/p>\n\n\n\n<p>Here I would like to point out that hackers are making billions of dollars worldwide. So they are very motivated to continue to improve. We, on the other hand, should be equally motivated to use all available means to reduce the attack surface.<\/p>\n\n\n\n<p>It is not enough to update the OS once every three months because some standard requires it. We should <strong>to know the state of our system on an ongoing basis<\/strong> with regard to security, the platforms used and our own applications.<\/p>\n\n\n<div class=\"wp-block-image alignnone size-large wp-image-15276\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"495\" src=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-04-schema-1024x495.png\" alt=\"Vulnerability scanning in AWS | ORBIT\" class=\"wp-image-15276\" srcset=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-04-schema-1024x495.png 1024w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-04-schema-300x145.png 300w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-04-schema-768x371.png 768w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-04-schema.png 1423w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Sample AWS vulnerability scan output<\/figcaption><\/figure>\n<\/div>\n\n\n<p>Cloud environments can be easily configured to perform vulnerability scans<strong>&nbsp;at regular intervals<\/strong> (1 time a day, 1 time a week). If a new vulnerability is discovered that meets our defined level (e.g. high\/critical), we will receive an automatic notification via email, Slack, or otherwise.<\/p>\n\n\n\n<p>We need to remove a serious vulnerability as quickly, safely and easily as possible. Usually this requires updating the OS, platform or application and redeploying the application.<\/p>\n\n\n\n<figure class=\"wp-block-image alignnone size-large wp-image-15278\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"183\" src=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-05-schema-1024x183.png\" alt=\"Docker base image | ORBIT\" class=\"wp-image-15278\" srcset=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-05-schema-1024x183.png 1024w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-05-schema-300x54.png 300w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-05-schema-768x137.png 768w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-05-schema.png 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Example of removing vulnerabilities by upgrading a Docker base image<\/figcaption><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\"><strong>CI\/CD + Infra as Code<\/strong><\/h4>\n\n\n\n<p>If we have <span style=\"text-decoration: underline;\"><a href=\"http:\/\/4.184.192.234\/en\/encyklopedie-cloudu\/deployment-pipelines-jdeme-na-to-v-cloudu\/\" target=\"_blank\" rel=\"noopener\">correctly set up CI\/CD pipeline<\/a><\/span> and we are able to deploy new versions without system downtime, patching the application is not a challenge for us.<\/p>\n\n\n\n<p>If it is:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>vulnerability in cloud configuration<\/strong>we'll modify the IaC scripts,<\/li>\n\n\n\n<li><strong>vulnerability in the operating system<\/strong>, just update in IaC scripts VM or <em>Docker base image<\/em> the OS version in which the vulnerability is resolved,<\/li>\n\n\n\n<li><strong>vulnerability in application libraries<\/strong>, you need to update the libraries to new versions and rebuild the application,<\/li>\n\n\n\n<li><strong>vulnerability in the application code itself<\/strong>, you need to make adequate code changes and also rebuild the whole application.<\/li>\n<\/ul>\n\n\n\n<p>After each such intervention, we need to be sure that our application is still working and that we haven't caused any more bugs.<\/p>\n\n\n\n<p>The diagram below shows the minimum number of steps a CI\/CD pipeline should take to <strong>successful deployment of the new version of the application<\/strong>. Manual approval prior to deployment in a production environment is optional. However, I have not personally experienced a project where deployment was completely automated.<\/p>\n\n\n\n<figure class=\"wp-block-image alignnone size-large wp-image-15280\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"397\" src=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-06-schema-1024x397.png\" alt=\"CI\/CD pipeline for deploying containerized applications | ORBIT\" class=\"wp-image-15280\" srcset=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-06-schema-1024x397.png 1024w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-06-schema-300x116.png 300w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-06-schema-768x298.png 768w, http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-06-schema.png 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Example of a CI\/CD pipeline for deploying containerized applications. Triggered by commit to a Git repository or defined Git tags.<\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Conclusion on vulnerability scanning<\/strong><\/h2>\n\n\n\n<p>We can basically repeat the process described above over and over again. It depends on how new and new vulnerabilities appear in our solution. <strong>So the effort invested in the CI\/CD pipeline will pay off sooner or later. <\/strong><\/p>\n\n\n\n<p>We don't have to worry about implementing new security processes that would generate significantly more work for administrators without automation. In our case, however, it's just a matter of updating a few scripts and committing to Git - the CI\/CD pipeline does the rest for us. The important thing is to know when to do these updates.<\/p>\n\n\n\n<p>Vulnerability scanning is an essential step to ensure the security of your systems and data in the public cloud. This process allows <strong>identify potential vulnerabilities<\/strong> in computer systems and allows you to <strong>take measures to eliminate them<\/strong>.<\/p>\n\n\n\n<p><\/p>","protected":false},"excerpt":{"rendered":"<p>Vulnerability scanning ensures the security of your IT systems and data in the public cloud. Let's take a look at specific security threats and how to manage them.<\/p>","protected":false},"author":23,"featured_media":15270,"template":"","meta":{"_acf_changed":true,"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":""},"categories":[127,128],"class_list":["post-15269","encyklopedie-cloudu","type-encyklopedie-cloudu","status-publish","has-post-thumbnail","hentry","category-cloud-governance","category-cloud-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Skenov\u00e1n\u00ed zranitelnost\u00ed: jak \u010delit hrozb\u00e1m v public cloudu? | ORBIT<\/title>\n<meta name=\"description\" content=\"Skenov\u00e1n\u00ed zranitelnost\u00ed zajist\u00ed bezpe\u010dnost IT syst\u00e9m\u016f a dat v public cloudu. Uka\u017eme si konkr\u00e9tn\u00ed bezpe\u010dnostn\u00ed hrozby a jak je zvl\u00e1dnout.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/4.184.192.234\/en\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Spr\u00e1va cloudu 2 | Encyklopedie cloudu ORBIT\" \/>\n<meta property=\"og:description\" content=\"V\u00fd\u010det bezpe\u010dnostn\u00edch hrozeb v public cloudu a zp\u016fsob\u016f, jak je zvl\u00e1dnout\" \/>\n<meta property=\"og:url\" content=\"http:\/\/4.184.192.234\/en\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/\" \/>\n<meta property=\"og:site_name\" content=\"ORBIT | create IT your own way\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-03T08:03:14+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/EC22-clanek-2023-1024x536.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"536\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Spr\u00e1va cloudu 2 | Encyklopedie cloudu ORBIT\" \/>\n<meta name=\"twitter:description\" content=\"V\u00fd\u010det bezpe\u010dnostn\u00edch hrozeb v public cloudu a zp\u016fsob\u016f, jak je zvl\u00e1dnout\" \/>\n<meta name=\"twitter:image\" content=\"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/EC22-clanek-2023.png\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\\\/\\\/4.184.192.234\\\/encyklopedie-cloudu\\\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\\\/\",\"url\":\"http:\\\/\\\/4.184.192.234\\\/encyklopedie-cloudu\\\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\\\/\",\"name\":\"Skenov\u00e1n\u00ed zranitelnost\u00ed: jak \u010delit hrozb\u00e1m v public cloudu? | ORBIT\",\"isPartOf\":{\"@id\":\"http:\\\/\\\/4.184.192.234\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"http:\\\/\\\/4.184.192.234\\\/encyklopedie-cloudu\\\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\\\/#primaryimage\"},\"image\":{\"@id\":\"http:\\\/\\\/4.184.192.234\\\/encyklopedie-cloudu\\\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\\\/#primaryimage\"},\"thumbnailUrl\":\"http:\\\/\\\/4.184.192.234\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/sprava-cloudu-2-01-scaled.jpg\",\"datePublished\":\"2023-06-13T09:54:30+00:00\",\"dateModified\":\"2025-09-03T08:03:14+00:00\",\"description\":\"Skenov\u00e1n\u00ed zranitelnost\u00ed zajist\u00ed bezpe\u010dnost IT syst\u00e9m\u016f a dat v public cloudu. Uka\u017eme si konkr\u00e9tn\u00ed bezpe\u010dnostn\u00ed hrozby a jak je zvl\u00e1dnout.\",\"breadcrumb\":{\"@id\":\"http:\\\/\\\/4.184.192.234\\\/encyklopedie-cloudu\\\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\\\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\\\/\\\/4.184.192.234\\\/encyklopedie-cloudu\\\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\\\/\\\/4.184.192.234\\\/encyklopedie-cloudu\\\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\\\/#primaryimage\",\"url\":\"http:\\\/\\\/4.184.192.234\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/sprava-cloudu-2-01-scaled.jpg\",\"contentUrl\":\"http:\\\/\\\/4.184.192.234\\\/wp-content\\\/uploads\\\/2023\\\/06\\\/sprava-cloudu-2-01-scaled.jpg\",\"width\":2048,\"height\":1016,\"caption\":\"Skenov\u00e1n\u00ed zranitelnost\u00ed aneb jak p\u0159edej\u00edt bezpe\u010dnostn\u00edm hrozb\u00e1m v public cloudu | Encyklopedie cloudu ORBIT\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\\\/\\\/4.184.192.234\\\/encyklopedie-cloudu\\\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\\\/\\\/4.184.192.234\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Skenov\u00e1n\u00ed zranitelnost\u00ed: jak \u010delit hrozb\u00e1m v&nbsp;public cloudu?\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\\\/\\\/4.184.192.234\\\/#website\",\"url\":\"http:\\\/\\\/4.184.192.234\\\/\",\"name\":\"ORBIT | create IT your own way\",\"description\":\"ORBIT | create IT your own way\",\"publisher\":{\"@id\":\"http:\\\/\\\/4.184.192.234\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\\\/\\\/4.184.192.234\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"Organization\",\"@id\":\"http:\\\/\\\/4.184.192.234\\\/#organization\",\"name\":\"ORBIT s.r.o.\",\"url\":\"http:\\\/\\\/4.184.192.234\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"http:\\\/\\\/4.184.192.234\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"http:\\\/\\\/4.184.192.234\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/logoslogan-01.png\",\"contentUrl\":\"http:\\\/\\\/4.184.192.234\\\/wp-content\\\/uploads\\\/2020\\\/11\\\/logoslogan-01.png\",\"width\":1417,\"height\":829,\"caption\":\"ORBIT s.r.o.\"},\"image\":{\"@id\":\"http:\\\/\\\/4.184.192.234\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.linkedin.com\\\/company\\\/orbit\\\/\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerability scanning: how to counter threats in the public cloud | ORBIT","description":"Vulnerability scanning ensures the security of IT systems and data in the public cloud. Let's look at specific security threats and how to manage them.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/4.184.192.234\/en\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/","og_locale":"en_GB","og_type":"article","og_title":"Spr\u00e1va cloudu 2 | Encyklopedie cloudu ORBIT","og_description":"V\u00fd\u010det bezpe\u010dnostn\u00edch hrozeb v public cloudu a zp\u016fsob\u016f, jak je zvl\u00e1dnout","og_url":"http:\/\/4.184.192.234\/en\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/","og_site_name":"ORBIT | create IT your own way","article_modified_time":"2025-09-03T08:03:14+00:00","og_image":[{"width":1024,"height":536,"url":"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/EC22-clanek-2023-1024x536.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_title":"Spr\u00e1va cloudu 2 | Encyklopedie cloudu ORBIT","twitter_description":"V\u00fd\u010det bezpe\u010dnostn\u00edch hrozeb v public cloudu a zp\u016fsob\u016f, jak je zvl\u00e1dnout","twitter_image":"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/EC22-clanek-2023.png","twitter_misc":{"Estimated reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/4.184.192.234\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/","url":"http:\/\/4.184.192.234\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/","name":"Vulnerability scanning: how to counter threats in the public cloud | ORBIT","isPartOf":{"@id":"http:\/\/4.184.192.234\/#website"},"primaryImageOfPage":{"@id":"http:\/\/4.184.192.234\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/#primaryimage"},"image":{"@id":"http:\/\/4.184.192.234\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/#primaryimage"},"thumbnailUrl":"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-scaled.jpg","datePublished":"2023-06-13T09:54:30+00:00","dateModified":"2025-09-03T08:03:14+00:00","description":"Vulnerability scanning ensures the security of IT systems and data in the public cloud. Let's look at specific security threats and how to manage them.","breadcrumb":{"@id":"http:\/\/4.184.192.234\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["http:\/\/4.184.192.234\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/4.184.192.234\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/#primaryimage","url":"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-scaled.jpg","contentUrl":"http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-scaled.jpg","width":2048,"height":1016,"caption":"Skenov\u00e1n\u00ed zranitelnost\u00ed aneb jak p\u0159edej\u00edt bezpe\u010dnostn\u00edm hrozb\u00e1m v public cloudu | Encyklopedie cloudu ORBIT"},{"@type":"BreadcrumbList","@id":"http:\/\/4.184.192.234\/encyklopedie-cloudu\/sprava-cloudu-2-skenovani-zranitelnosti-aneb-jak-predejit-bezpecnostnim-hrozbam-v-public-cloudu\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/4.184.192.234\/"},{"@type":"ListItem","position":2,"name":"Skenov\u00e1n\u00ed zranitelnost\u00ed: jak \u010delit hrozb\u00e1m v&nbsp;public cloudu?"}]},{"@type":"WebSite","@id":"http:\/\/4.184.192.234\/#website","url":"http:\/\/4.184.192.234\/","name":"ORBIT | create IT your own way","description":"ORBIT | create IT your own way","publisher":{"@id":"http:\/\/4.184.192.234\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/4.184.192.234\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"Organization","@id":"http:\/\/4.184.192.234\/#organization","name":"ORBIT s.r.o.","url":"http:\/\/4.184.192.234\/","logo":{"@type":"ImageObject","inLanguage":"en-GB","@id":"http:\/\/4.184.192.234\/#\/schema\/logo\/image\/","url":"http:\/\/4.184.192.234\/wp-content\/uploads\/2020\/11\/logoslogan-01.png","contentUrl":"http:\/\/4.184.192.234\/wp-content\/uploads\/2020\/11\/logoslogan-01.png","width":1417,"height":829,"caption":"ORBIT s.r.o."},"image":{"@id":"http:\/\/4.184.192.234\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.linkedin.com\/company\/orbit\/"]}]}},"taxonomy_info":{"category":[{"value":127,"label":"Cloud governance"},{"value":128,"label":"Cloud security"}]},"featured_image_src_large":["http:\/\/4.184.192.234\/wp-content\/uploads\/2023\/06\/sprava-cloudu-2-01-1024x508.jpg",1024,508,true],"author_info":{"display_name":"Petros Georgiadis","author_link":"http:\/\/4.184.192.234\/en\/author\/a23a5928f5098df2\/"},"comment_info":"","_links":{"self":[{"href":"http:\/\/4.184.192.234\/en\/wp-json\/wp\/v2\/encyklopedie-cloudu\/15269","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/4.184.192.234\/en\/wp-json\/wp\/v2\/encyklopedie-cloudu"}],"about":[{"href":"http:\/\/4.184.192.234\/en\/wp-json\/wp\/v2\/types\/encyklopedie-cloudu"}],"author":[{"embeddable":true,"href":"http:\/\/4.184.192.234\/en\/wp-json\/wp\/v2\/users\/23"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/4.184.192.234\/en\/wp-json\/wp\/v2\/media\/15270"}],"wp:attachment":[{"href":"http:\/\/4.184.192.234\/en\/wp-json\/wp\/v2\/media?parent=15269"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4.184.192.234\/en\/wp-json\/wp\/v2\/categories?post=15269"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}