About

Author headshot

TLDR: Cloudsecurity.org is an independent directory of cloud security tools, curated to help CTOs and security professionals discover and compare available solutions for their cloud security needs.

Where Cloud Meets Security

Hi, my name is Craig Balding and I started Cloudsecurity.org because I could see the cloud was going to become a massive part of the tech landscape—and back then, not many security practitioners were really digging into the risks and challenges it would bring.

It started as a blog in the late 2000s, where I shared hands-on advice and ideas to help security folks get involved with cloud security. The goal wasn't just to think about the cloud but to actually get into the weeds, try things out, and spot the gaps that needed fixing.

The blog took off quickly, and I published dozens of posts between 2008 and 2010. But then work got in the way. I moved into roles that kept me busy learning and doing cloud security behind the scenes—first at GE for nearly 20 years, then at Barclays PLC as Group Security CTO, where I was accountable for cloud security at the group level.

In 2017, I left the corporate world to go independent. Since then, I've helped hundreds of organizations secure their cloud environments, whether they're working with public, hybrid, or private clouds.

Along the way, I kept getting asked the same question: What tools would you recommend? That's what inspired me to bring Cloudsecurity.org back—this time as an independent directory of useful cloud security tools and resources.

What You'll Find Here

Cloudsecurity.org is a comprehensive directory designed to help security professionals and CTOs discover the broad landscape of available cloud security tools.

The tools featured here come from various sources including:

  • Hands-on consulting experience
  • Community-curated resources like GitHub awesome lists
  • The CloudSecList newsletter
  • Direct submissions from the security community

The directory includes:

  • Tech startups
  • Open-source projects
  • Major cloud provider tools

While I've personally used some of these tools in my work, this site aims to be a comprehensive resource rather than a personal recommendation list. The goal is to present clear, factual information about each tool to help you make informed decisions about what might work for your specific needs.

Down the road, I plan to expand the site to include recommendations for:

  • Books
  • Courses
  • Videos
  • Research papers

Why I Built This

This site emerged from my experience in cloud security and the recurring challenge of finding the right tools for specific needs. I've seen how complex the landscape can get, and I wanted to create a comprehensive resource that makes it easier to discover and compare available solutions.

Cloudsecurity.org is:

  • Independent: An unbiased collection of available tools
  • Comprehensive: Covering the broad spectrum of cloud security solutions
  • Straightforward: Clear, factual information to aid decision-making

My Goal

I want this site to be the go-to resource for anyone trying to make sense of cloud security. Whether you're just starting out or you've been doing this for years, my goal is to help you get what you need faster so you can focus on solving real cloud security challenges.

Cloud computing isn't getting any simpler, but that doesn't mean finding the right tools has to be hard.