Account
Please wait, authorizing ...

Don't have an account? Register here today.

×

Report Reveals High Number of Cloud Security Incidents

seguridad nube

International. A recent study on the cloud found that in the last year more than 80% of organizations have experienced security incidents in this class of solutions, and 41% of engineers believe that security in this environment will be even more challenging as the next generation of cloud-native applications are deployed. WatchGuard Technologies reported.

What are the main initial vectors for cloud environments?
Account engagement: A Google Cloud analysis indicated that the main entry vector for cloud environments is brute force attacks, responsible for 51% of cyberattacks in the first quarter of this year.

Another common form of account compromise is the purchase of credentials on the dark web or credentials exposed in public repositories. This happens, mostly, because companies do not implement a multi-factor authentication (MFA) solution to secure their accounts.

- Exploitation of cloud applications: In IaaS environments where cloud customers manage their own web applications and systems, classic web application vulnerabilities are still common and exploitation is an effective way to access environments.

Exploiting vulnerable software is the second most compromised threat vector, accounting for 37% of cloud threat activity.

- Misconfiguration abuse: Misconfiguration within cloud architectures plays a key component when it comes to becoming potential victims. Management consoles without password protection or with default password are responsible for 30% of attacks of this type.

- Publicidad -

In addition, exposed server workloads account for 27% of threats. It is followed by overly permissive service or user accounts (25%), publicly exposed web servers without WAF (Web Application Firewall) and/or a load balancer (23%), VMs or containers running as root (22%), management interfaces without multi-factor authentication (22%), traffic to disallowed IPs (22%), disabled logging (19%) and open management ports (19%).

Phishing: Phishing also poses a threat to cloud environments. Many times administrators are tricked through email to enter pages that emulate those of Cloud providers, resulting in the theft of credentials when entering their account from the fraudulent portal.

WatchGuard Technologies specialists recommend 4 steps to a secure cloud.
-Adopt cyber hygiene practices such as the use of multi-factor authentication to protect access to accounts,
-Be aware of possible cases of phishing,
-Update and patch the softwares
-Ensure that you have a correct configuration of the elements that are part of the Cloud architecture.

Duván Chaverra Agudelo
Author: Duván Chaverra Agudelo
Jefe Editorial en Latin Press, Inc,.
Comunicador Social y Periodista con experiencia de más de 16 años en medios de comunicación. Apasionado por la tecnología y por esta industria. [email protected]

No thoughts on “Report Reveals High Number of Cloud Security Incidents”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis
SUBSCRIBE TO OUR ENGLISH NEWSLETTER
DO YOU NEED A SERVICE OR PRODUCT QUOTE?
LATEST INTERVIEWS

Webinar: Por qué elegir productos con certificaciones de calidad

Por: Eduardo Cortés Coronado, Representante Comercial - SECO-LARM USA INC La importancia de utilizar productos certificados por varias normas internacionales como UL , Ul294, CE , Rosh , Noms, hacen a tus instalciones mas seguras y confiables además de ser un herramienta más de venta que garantice nuestro trabajo, conociendo qué es lo que certifica cada norma para así dormir tranquilos sabiendo que van a durar muchos años con muy bajo mantenimiento. https://www.ventasdeseguridad.com/2...

Webinar: Anviz ONE - Solución integral para pymes

Por: Rogelio Stelzer, Gerente comercial LATAM - Anviz Presentación de la nueva plataforma Anviz ONE, en donde se integran todas nuestras soluciones de control de acceso y asistencia, video seguridad, cerraduras inteligentes y otros sensores. En Anviz ONE el usuario podrá personalizar las opciones según su necesidad, de forma sencilla y desde cualquier sitio que tenga internet. https://www.ventasdeseguridad.com/2...

Webinar: Aplicaciones del IoT y digitalización en la industria logística

Se presentarán los siguientes temas: • Aplicaciones del IoT y digitalización en la industria logística. • Claves para decidir el socio en telecomunicaciones. • La última milla. • Nuevas estrategias de logística y seguimiento de activos sostenibles https://www.ventasdeseguridad.com/2...

Sesión 5: Milestone, Plataforma Abierta que Potencializa sus Instalaciones Manteniéndolas Protegidas

Genaro Sanchez, Channel Business Manager - MILESTONE https://www.ventasdeseguridad.com/2...

Sesión 4: Videovigilancia con Inteligencia Artificial para seguridad, procesos y mercado.

Luis Miguel Dávila, Area Sales Manager Central America and Caribbean Hanwha Vision - HANWHA
Load more...
SITE SPONSORS










LATEST NEWSLETTER
Latest Newsletter