Public Clouds & Shared Responsibility: Lessons from Vulnerability Disclosure

2021-10-26 21:22

Much is made of shared responsibility for cloud security.

Some of this migration is to public clouds such as Amazon Web Services and Microsoft Azure.

The vulnerability and accompanying exploit were disclosed on Feb. 11, 2019, coincident with all the major cloud service providers patching the vulnerability.

The Bad. More recently, in August, Microsoft made public a vulnerability reported in Azure Cosmos DB, the scalable NoSQL database delivered in a PaaS model.

As if to reinforce that point, attacks on this vulnerability commenced almost immediately upon disclosure of the vulnerability and mitigation/patching had to be a coordinated affair - with Microsoft patching the Linux images it supplies and customers needing to patch already running versions of the old images.

Being on public clouds is good when a sweeping vulnerability such as the container escape is discovered.

News URL

https://threatpost.com/public-clouds-shared-responsibility-vulnerability/175778/

#cloud #disclosure #vulnerability

News URL

Related news