Key learnings from the State of Cloud Security study
The State of Cloud Security study analyzed the security posture of thousands of organizations using AWS, Azure, and Google Cloud. Key findings include long-lived cloud credentials exposing cloud identities, inconsistent enforcement of multi-factor authentication (MFA), insufficient adoption of IMDSv2 in AWS, varying use of public access blocks on storage buckets across platforms, and non-administrator permissions allowing access to sensitive data or privilege escalation. Recommendations include minimizing long-lived cloud credentials, enforcing MFA for cloud users, using IMDSv2 on Amazon EC2 instances, blocking public access proactively on cloud storage services, limiting privileges assigned to cloud workloads, and limiting network exposure of cloud workloads. Datadog Cloud Security Management (CSM) can help organizations improve their security posture by identifying long-lived cloud credentials, tracking down stale cloud credentials, enforcing MFA for cloud users, using IMDSv2 on Amazon EC2 instances, finding overprivileged roles, and finding publicly exposed workloads.
Company
Datadog
Date published
Nov. 16, 2023
Author(s)
Christophe Tafani-Dereeper
Word count
2360
Language
English
Hacker News points
None found.