| ACL | Access control list. A list of files or resources that contain information about which users or groups have permission to access those resources or modify those files. |
28
28
| ARN | Azure Resource Notification |
29
-
| ASIM | Azure Sentinel Information Model |
29
+
| Authorization System | CIEM supports AWS accounts, Azure Subscriptions, GCP projects as the Authorization systems |
30
+
| Authorization System Type | Any system which provides the authorizations by assigning the permissions to the identities, resources. CIEM supports AWS, Azure, GCP as the Authorization System Types |
30
31
| Cloud security | A form of cybersecurity that protects data stored online on cloud computing platforms from theft, leakage, and deletion. Includes firewalls, penetration testing, obfuscation, tokenization, virtual private networks (VPN), and avoiding public internet connections. |
31
-
| CASB | Cloud Access Security Broker. Products and services that address security gaps in an organization’s use of cloud services. Designed to protect and control access to data that’s stored in someone else’s systems. Deliver differentiated, cloud-specific capabilities that may not be available as features in traditional security products. They provide a central location for policy and governance concurrently across multiple cloud services. They also provide granular visibility into and control over user activities and sensitive data from both inside and outside the enterprise perimeter, including cloud-to-cloud access. |
32
32
| Cloud storage | A service model in which data is maintained, managed, and backed up remotely. Available to users over a network. |
33
33
| CIAM | Cloud Infrastructure Access Management |
34
34
| CIEM | Cloud Infrastructure Entitlement Management. The next generation of solutions for enforcing least privilege in the cloud. It addresses cloud-native security challenges of managing identity access management in cloud environments. |
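Review bot: The added "Authorization System" row lists what CIEM supports (AWS accounts, Azure Subscriptions, GCP projects) instead of defining the term, while the general definition sits under "Authorization System Type". Suggest defining the term first and giving the examples second, ending both new rows with a period like the other sentence-style definitions, and fixing "to the identities, resources", which is missing a conjunction. The same hunk removes the CASB row although the CNAPP entry further down still refers to CASB, so readers of that entry lose the fuller definition; either keep the row or confirm the short expansion in CNAPP is enough.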
@@ -37,9 +37,9 @@ This glossary provides a list of some of the commonly used cloud terms in CloudK
37
37
| CNAPP | Cloud-Native Application Protection. The convergence of cloud security posture management (CSPM), cloud workload protection (CWP), cloud infrastructure entitlement management (CIEM), and cloud applications security broker (CASB). An integrated security approach that covers the entire lifecycle of cloud-native applications. |
38
38
| CSPM | Cloud Security Posture Management. Addresses risks of compliance violations and misconfigurations in enterprise cloud environments. Also focuses on the resource level to identify deviations from best practice security settings for cloud governance and compliance. |
39
39
| CWPP | Cloud Workload Protection Platform |
40
-
| DRI | Data risk index. A comprehensive, integrated representation of data risk. |
41
-
| Data risk management | The process an organization uses when acquiring, storing, transforming, and using its data, from creation to retirement, to eliminate data risk. |
40
+
| Data Collector | Virtual entity which stores the data collection configuration |
42
41
| Delete task | A high-risk task that allows users to permanently delete a resource. |
42
+
| ED | Enterprise directory |
43
43
| Entitlement | An abstract attribute that represents different forms of user permissions in a range of infrastructure systems and business applications.|
44
44
| Entitlement management | Technology that grants, resolves, enforces, revokes, and administers fine-grained access entitlements (that is, authorizations, privileges, access rights, permissions and rules). Its purpose is to execute IT access policies to structured/unstructured data, devices, and services. It can be delivered by different technologies, and is often different across platforms, applications, network components, and devices. |
45
45
| High-risk task | A task in which a user can cause data leakage, service disruption, or service degradation. |
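Review bot: The new "Data Collector" definition, "Virtual entity which stores the data collection configuration", is close to circular and does not say what is being collected or from where. Suggest one sentence stating what the configuration covers, and adding the terminal period. The added "ED" row gives only the expansion "Enterprise directory"; a short description would match the level of detail in the adjacent "Delete task" and "Entitlement" rows.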
@@ -51,6 +51,7 @@ This glossary provides a list of some of the commonly used cloud terms in CloudK
51
51
| Identity lifecycle management | Maintain digital identities, their relationships with the organization, and their attributes during the entire process from creation to eventual archiving, using one or more identity life cycle patterns. |
52
52
| IGA | Identity governance and administration. Technology solutions that conduct identity management and access governance operations. IGA includes the tools, technologies, reports, and compliance activities required for identity lifecycle management. It includes every operation from account creation and termination to user provisioning, access certification, and enterprise password management. It looks at automated workflow and data from authoritative sources capabilities, self-service user provisioning, IT governance, and password management. |
53
53
| ITSM | Information Technology Security Management. Tools that enable IT operations organizations (infrastructure and operations managers), to better support the production environment. Facilitate the tasks and workflows associated with the management and delivery of quality IT services. |
54
+
| JEP | Just Enough Permissions |
54
55
| JIT | Just in Time access can be seen as a way to enforce the principle of least privilege to ensure users and non-human identities are given the minimum level of privileges. It also ensures that privileged activities are conducted in accordance with an organization’s Identity Access Management (IAM), IT Service Management (ITSM), and Privileged Access Management (PAM) policies, with its entitlements and workflows. JIT access strategy enables organizations to maintain a full audit trail of privileged activities so they can easily identify who or what gained access to which systems, what they did at what time, and for how long. |
55
56
| Least privilege | Ensures that users only gain access to the specific tools they need to complete a task. |
56
57
| Multi-tenant | A single instance of the software and its supporting infrastructure serves multiple customers. Each customer shares the software application and also shares a single database. |
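Review bot: The added "JEP" row gives only the expansion "Just Enough Permissions", while the rows right after it (JIT, Least privilege) carry full definitions. Suggest a sentence that says what JEP means in practice and how it relates to the "Least privilege" entry, since the two terms read as near-synonyms without it. While editing here, note that the unchanged ITSM row expands the acronym as "Information Technology Security Management" but the JIT row uses "IT Service Management (ITSM)"; the two should agree.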
@@ -68,7 +69,6 @@ This glossary provides a list of some of the commonly used cloud terms in CloudK
68
69
| Resource | Any entity that uses compute capabilities can be accessed by users and services to perform actions. |
69
70
| Role | An IAM identity that has specific permissions. Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. A role doesn't have standard long-term credentials such as a password or access keys associated with. |
70
71
| SCIM | System for Cross–domain Identity Management |
71
-
| SCI–M | Security Compliance Identity and Management |
72
72
| SIEM | Security Information and Event Management. Technology that supports threat detection, compliance and security incident management through the collection and analysis (both near real time and historical) of security events, as well as a wide variety of other event and contextual data sources. The core capabilities are a broad scope of log event collection and management, the ability to analyze log events and other data across disparate sources, and operational capabilities (such as incident management, dashboards, and reporting). |
73
73
| SOAR | Security orchestration, automation and response (SOAR). Technologies that enable organizations to take inputs from various sources (mostly from security information and event management [SIEM] systems) and apply workflows aligned to processes and procedures. These workflows can be orchestrated via integrations with other technologies and automated to achieve the desired outcome and greater visibility. Other capabilities include case and incident management features; the ability to manage threat intelligence, dashboards and reporting; and analytics that can be applied across various functions. SOAR tools significantly enhance security operations activities like threat detection and response by providing machine-powered assistance to human analysts to improve the efficiency and consistency of people and processes. |
74
74
| Super user / Super identity | A powerful account used by IT system administrators that can be used to make configurations to a system or application, add or remove users, or delete data. |
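Review bot: With the "SCI–M" row removed, the remaining SCIM row still spells "Cross–domain" with an en dash rather than a hyphen, and it gives only the expansion. Suggest changing it to "Cross-domain" in this same change so the acronym is searchable, and adding a one-line description. The "Role" row just above also ends on a dangling "associated with." that could be tidied at the same time.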
@@ -79,4 +79,4 @@ This glossary provides a list of some of the commonly used cloud terms in CloudK
79
79
80
80
## Next steps
81
81
82
-
- For an overview of CloudKnox, see [What's CloudKnox Permissions Management?](cloudknox-overview.md).
82
+
- For an overview of CloudKnox, see [What's CloudKnox Permissions Management?](cloudknox-overview.md).
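Review bot: The removed and added bullet under "Next steps" read identically as rendered, so this looks like a whitespace or end-of-file newline change only. If that is intended, say so in the commit message; if a wording or link change was meant, it did not make it into the diff.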