CSA：理解云攻击向量——IaaS和PaaS视角（英文版）

The goal of the document is to map the various attack vectors that are actually being used during cloud-based attacks in IaaS/PaaS and to map the vectors and their mitigating controls to various resources. The motivation for this document came after we analyzed much research around cloud security and realized that they are listing a combination of risks, threats, attack vectors, vulnerabilities, and concerns. And while there are many risks and threats to IaaS/PaaS platforms and applications, mos