Adoption of cloud guardrails is on the increase though.
Persistent credentials in source code and container images continue to be a major risk for organizations across all cloud providers.
According to new research from Datadog, 46 percent of organizations are still have unmanaged users with these long-lived credentials. Typically these credentials have an access key older than one year, and they are leaked in source code, container images, build logs and application artifacts, making them a major security risk.
However the adoption of cloud guardrails is on the rise, with 79 percent of S3 buckets covered by an account-wide or bucket-specific S3 Public Access Block, up from 73 percent a year ago.
Andrew Krug, head of security advocacy at Datadog: “The report found that most cloud security incidents are caused by compromised credentials. To protect themselves, companies need to secure identities with modern authentication mechanisms, leverage short-lived credentials and actively monitor changes to APIs that attackers commonly use.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
