Security News > 2020 > May > Technologies in all layers of the cloud stack are at risk

Technologies in all layers of the cloud stack are at risk
2020-05-20 04:00

"Our report clearly describes how current security practices are grossly inadequate for protecting transient cloud infrastructures, and why more than 30 billion records have been exposed through cloud breaches in just the past two years," said Sachin Aggarwal, CEO at Accurics.

"As cloud stacks become increasingly complex, with new technologies regularly added to the mix, what's needed is a holistic approach with consistent protection across the full cloud stack, as well as the ability to identify risks from configuration changes to deployed cloud infrastructure from a baseline established during development."

"The shift to infrastructure as code enables this; organizations now have an opportunity to redesign their cloud security strategy and move away from a point solution approach."

Key takeaways from the research Misconfigurations of cloud native technologies across the full cloud native stack are a clear risk, increasing the attack surface, and being exploited by malicious actors.

Even in scenarios where infrastructure as code actually is being governed, there are continuing problems from privileged users making changes directly to the cloud once infrastructure is provisioned.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/o1LLqtiXHT0/