Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs HPE Zone Masergy Zenith Partner Program Newsroom Intel Partner Connect Digital Newsroom Dell Technologies Newsroom IBM Newsroom Juniper Newsroom The IoT Integrator NetApp Data Fabric Intel Tech Provider Zone

12 Biggest Cloud Threats And Vulnerabilities In 2020

From misconfigured storage buckets and excess privileges to Infrastructure as Code (IoC) templates and automated attacks, here’s a look at 12 of the biggest cloud threats technical experts are worried about this year.

Back 1 ... 7   8   9   10   11   ... 13 Next

5. Infrastructure As Code Templates

Developers are increasingly using templates they’ve found in places like GitHub as the basic building blocks for their cloud infrastructure, but putting these templates right into the cloud often introduces misconfigurations in the environment, according to Matt Chiodi, Palo Alto Networks’ chief security officer of public cloud.

Given the massive number of cloud migrations happening, Chiodi said DevOps teams have begun using these templates over the past two years to build and scale quickly. Developers typically start by only using these templates in a dev environment, but they’ll often end up in production environments with cloud storage logging disabled, meaning that potential security events can’t be identified or attributed.

Most templates are created through a three-step design, code and deploy process that too often doesn’t include a fourth step of scanning these templates for security issues, according to Chiodi. As a result, Chiodi said nearly 200,000 Infrastructure as Code templates have high or medium security vulnerabilities, which can result in unnecessary exposure to attackers.

Back 1 ... 7   8   9   10   11   ... 13 Next

sponsored resources