Report finds that long-lived credentials
remain a common cause for cloud security breaches
NEW
YORK, Nov. 15, 2023 /PRNewswire/
-- Datadog, Inc. (NASDAQ: DDOG), the monitoring and
security platform for cloud applications, today released its new
report, The State of Cloud Security 2023. Datadog analyzed
security posture data from thousands of organizations using AWS,
Azure or Google Cloud for the report, focusing particularly on
understanding how organizations approach and mitigate common risks
that frequently lead to documented public cloud security
incidents.
The report found that organizations still face significant
challenges when it comes to securing their cloud environments.
Long-lived credentials, in particular, continue to be a widespread
problem. These types of credentials are widely regarded as
insecure, not only because they never expire but also because they
can easily be leaked in source code, container images or
configuration files. They remain one of the most common causes of
security breaches in the cloud.
Other key findings from the report include:
- Multi-factor authentication (MFA) is not proactively
enforced: In October 2023, 20.3%
of IAM users that had authenticated to the AWS Console had done so
without using MFA and 20.7% of Azure AD users that had
authenticated had done so without MFA.
- Adoption of AWS IMDSv2 is rising but still insufficient:
Although it's critical to protect against server-side request
forgery attacks in AWS, only 21% of EC2 instances enforce IMDSv2,
up from 7% last year.
- A substantial portion of cloud workloads are excessively
privileged: 37% of Google Cloud VMs and 23% of EC2 instances
have sensitive permissions that would allow an attacker to gain
privileged access or wide data access in a cloud environment.
- Publicly exposed virtual machines pose a risk to cloud
environments: 7% of EC2 instances, 3% of Azure VMs and 12% of
Google Cloud VMs have at least one port allowing traffic from the
internet, leaving them at risk of brute-force attacks.
"Cloud security posture has significantly improved as providers
deliver more secure defaults on their platforms and as
organizations gain a greater understanding of security risks," said
Jeremy Garcia, VP of Technical
Community and Open Source at Datadog. "However, there is still a
lot of work to be done. Issues like long-lived credentials, MFA
adoption and public VM exposure can be difficult to identify,
prioritize and fix. The best defense, along with a deeper awareness
of security risks, is to continuously scan for and fix
misconfigurations and vulnerabilities so that breaches can be
avoided before they happen."
The State of Cloud Security 2023 is available now.
For the full results, please visit:
https://www.datadoghq.com/state-of-cloud-security/. To learn how
Datadog helps companies secure their cloud environments, visit:
https://www.datadoghq.com/product/cloud-security-management/.
About Datadog
Datadog is the observability and security platform for cloud
applications. Our SaaS platform integrates and automates
infrastructure monitoring, application performance monitoring, log
management, real-user monitoring, and many other capabilities to
provide unified, real-time observability and security for our
customers' entire technology stack. Datadog is used by
organizations of all sizes and across a wide range of industries to
enable digital transformation and cloud migration, drive
collaboration among development, operations, security and business
teams, accelerate time to market for applications, reduce time to
problem resolution, secure applications and infrastructure,
understand user behavior, and track key business metrics.
Forward-Looking Statements
This press release may include certain "forward-looking
statements" within the meaning of Section 27A of the Securities Act
of 1933, as amended, or the Securities Act, and Section 21E of the
Securities Exchange Act of 1934, as amended including statements on
the benefits of new products and features. These forward-looking
statements reflect our current views about our plans, intentions,
expectations, strategies and prospects, which are based on the
information currently available to us and on assumptions we have
made. Actual results may differ materially from those described in
the forward-looking statements and are subject to a variety of
assumptions, uncertainties, risks and factors that are beyond our
control, including those risks detailed under the caption "Risk
Factors" and elsewhere in our Securities and Exchange Commission
filings and reports, including the Quarterly Report on Form 10-Q
filed with the Securities and Exchange Commission on May 5, 2023, as well as future filings and
reports by us. Except as required by law, we undertake no duty or
obligation to update any forward-looking statements contained in
this release as a result of new information, future events, changes
in expectations or otherwise.
Contact
Dan
Haggerty
press@datadoghq.com
View original content to download
multimedia:https://www.prnewswire.com/news-releases/datadog-releases-2023-state-of-cloud-security-report-301989329.html
SOURCE Datadog, Inc.