Key learnings from the 2024 State of Cloud Security study

What's this blog post about?

The 2024 State of Cloud Security study reveals that long-lived cloud credentials continue to pose security risks and expose cloud identities. Adoption of IMDSv2 in AWS is rising but still insufficient, while use of public access blocks on storage buckets varies across cloud platforms. Many cloud workloads have non-administrator permissions allowing them to access sensitive data or escalate their privileges. Managed Kubernetes clusters across AWS, Azure, and Google Cloud are directly exposed to the internet with risky permissions. Most cloud incidents are caused by compromised cloud credentials. To improve security posture, organizations should minimize long-lived cloud credentials, enforce IMDSv2 on Amazon EC2 instances, block public access proactively on cloud storage services, limit privileges assigned to cloud workloads, apply cloud-specific tuning to managed Kubernetes clusters, and secure IAM roles used for third-party integrations. Datadog Cloud Security Management (CSM) can help identify these issues and provide recommendations for improvement.

Company
Datadog

Date published
Oct. 21, 2024

Author(s)
Christophe Tafani-Dereeper

Word count
2581

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.