How to rethink risks with new cloud deployments

2021-06-21 05:00

Infrastructures change, attack surfaces reduce and multiply and, not surprisingly, your cloud environment advances.

Often with lateral attacks, the attacker first gains access to key pairs and sets up a temporary credential using specific commands.

Attacks such as SQL injection, OS command injection, and code injection remain as risks for organizations, whether in traditional or modern microservice environments.

Attackers will look for things like a forgotten resource or redundant code, or open APIs with known security gaps to gain access to the environment.

How can unlinked triggers, unprotected files, and directories impact your security posture? A few examples may include an attacker trying to identify a misconfigured area so that they can gain access and cause denial of service, or to leak sensitive data.

It is important for security teams to understand how the threat landscape will evolve with the newly emerging deployment models and changing attack surfaces.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/kt4ZrQBBOMg/

#cloud