The Latest Palo Alto Networks News
Product and Solution Information, Press Releases, Announcements
Palo Alto Networks Report Finds Poor Security Hygiene Leads to Escalating Cloud Vulnerabilities | |
Posted: Wed Feb 05, 2020 10:55:32 AM | |
Unit 42 Cloud Threat Report uncovers 199,000 insecure cloud templates, finds 43% of cloud databases unencrypted SANTA CLARA, Calif., Feb. 5, 2020 /PRNewswire/ -- Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today released research showing how vulnerabilities in the development of cloud infrastructure are creating significant security risks. The Unit 42 Cloud Threat Report: Spring 2020 investigates why cloud misconfigurations happen so frequently. It finds that as organizations move to automate more of their cloud infrastructure build processes, they are adopting and creating new infrastructure as code (IaC) templates. Without the help of the right security tools and processes, these infrastructure building blocks are being crafted with rampant vulnerabilities. Key findings include:
The report was conducted by Unit 42's cloud research team using a combination of publicly available data and proprietary data from Palo Alto Networks. While IaC offers organizations the benefit of enforcing security standards in a systematic way, this research shows that this capability is not yet being harnessed. Matthew Chiodi, chief security officer of public cloud for Palo Alto Networks, notes: "It only takes one misconfiguration to compromise an entire cloud environment. We found 199,000 of them. The good news is infrastructure as code can offer security teams many benefits, such as enabling security to be injected early into the software development process and embedding it into the very building blocks of an organization's cloud infrastructure." As the Unit 42 Cloud Threat Report continues to highlight increasing security risks in cloud environments, Prisma™ Cloud by Palo Alto Networks delivers comprehensive security for cloud native applications throughout the development lifecycle, in and across any cloud. Prisma Cloud is the only Cloud Native Security Platform (CNSP) that delivers best-in-class capabilities in all key areas: visibility, governance and compliance, compute security, network protection, and identity security. |