CLOUD THREAT REPORT: NAVIGATING THE EXPANDING ATTACK SURFACE

Public clouds offer the agility, scalability, and security that on-premises data centers cannot match. In particular, their modern security features can help more effectively secure cloud workloads if implemented correctly. However, the fast evolution and growth of cloud workloads—as well as the complexity of managing hybrid and multicloud environments—cause many organizations to fall behind the curve and inadvertently introduce security weaknesses into their environments, as evidenced by the many legacy resources, vulnerabilities, and insecure configurations we’ve witnessed. These gaps give adversaries significant opportunities to gain a foothold in the cloud.

To provide security leaders and practitioners with a multifaceted view of cloud security, Unit 42’s Cloud Threat Report takes a comprehensive look at the current cloud security landscape using the large-scale data collected in 2022. We examine real breaches that impacted medium and large-size companies, detail the issues observed in thousands of multicloud environments, and analyze the impact of open-source software (OSS) vulnerabilities on the cloud.