Help Center/
Well-Architected Framework/
Well-Architected Framework and Practices/
Security Pillar/
Infrastructure Security/
SEC05 Runtime Environment Security/
SEC05-03 Reducing Attack Surfaces of Resources
Updated on 2025-05-22 GMT+08:00
SEC05-03 Reducing Attack Surfaces of Resources
Enhance the OS, reduce unused components and external services, and use tools to improve cloud security and mitigate the attacks on resources.
- Risk level
High
- Key strategies
- Enhancing OS and reducing components: Reduce unused components, libraries, and external services to reduce risks caused by accidental access. This includes OS packages, applications, and external software modules in the code.
- Create secure VM images or container images.
- Use third-party tools for security analysis: Use third-party static code analysis tools and dependency check tools to identify typical security problems and vulnerabilities, ensuring code security and compliance.
- Applying various test methods: In addition to the use of tools, testing at the application level is also necessary, such as using fuzz testing to identify and fix potential vulnerabilities and errors.
- Related cloud services and tools
HSS
Parent topic: SEC05 Runtime Environment Security
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot