Security News > 2021 > July > Survey Shows Reasons for Cloud Misconfigurations are Many and Complex
Using 'policy as code' helps the security team to be a cloud highway builder rather than a cloud toll booth operator.
The NSA's guidance on mitigating cloud vulnerabilities described misconfiguration as the most common cloud vulnerability.
A new Fugue/Sonatype report, The State of Cloud Security 2021, confirms the issue as cloud professionals' biggest concern, and delves into the causes and possible solutions to the problem.
Fugue surveyed more than 300 cloud professionals, including cloud engineers, cloud security engineers, DevOps, and cloud architects, to better understand the risks, costs, and challenges of managing cloud security at scale.
The most prevalent attacks against the cloud correlate with the most common misconfigurations experienced by the respondents.
The primary problem for cloud security is a combination of the complexity of corporate cloud infrastructures and the hackers' use of large-scale automation to look for known errors, such as misconfigurations or exploitable versions of software.