Developing in the cloud introduces unique challenges for protecting applications, resources, and data. The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) address these hurdles in their list of cloud security strategies, which echo the recommendations of cloud providers, researchers, engineers, and security vendors. To mitigate cloud risk, Datadog publishes timely insights, tools, and recommendations through its State of Cloud Security report and shares key findings to highlight the complexities of cloud security and explain why addressing them is vital. The company has compiled a roundup of its research, findings, and guides from 2024 and previous years, as well as insights into how it has integrated these strategies with its products and day-to-day operations. This post focuses on securing cloud infrastructure and data, and managing complex cloud permissions and access controls, and shares research, guides, and practical steps for securely configuring cloud secrets, permissions, and IAM policies.