The cloud is a primary target for attackers, and protecting your cloud assets should be a top priority. The 2023 Qualys TotalCloud Security Insights report provides data-backed Risk Facts to help your team ensure effective cloud protection.
The research and analysis completed by the Qualys Threat Research Unit will help stakeholders understand what to prioritize and how to remediate the most prevalent cloud risks.
Download the 2023 Qualys Cloud Security Research Insights report to better understand your organization’s cloud security needs. Learn how to better communicate threat data to executives and leaders who might need help understanding cloud security within a cyber risk context.
Key findings and risk facts:
Cloud misconfigurations are the most critical issues related to securing cloud environments. Misconfigurations amplify risks for data breaches. The research findings indicate that, on average, 50 percent of CIS Benchmarks are failing across the three major providers.
Of more than 50 million cloud assets scanned, approximately 4 percent are external-facing, which means they have public IP addresses and are visible to attackers. This risk is equivalent to knowing that petty thieves are prowling your neighborhood and seeking open car doors and unlocked windows, any of which can lead to damage if not addressed.
Weaponized vulnerabilities allow attackers to enter and move within your cloud. For example, Log4Shell is a major external-facing vulnerability. The report indicates that Log4Shell is still woefully under-remediated, with 68.44 percent of detections unpatched on external-facing cloud assets.
Exploitation is when adversaries begin their attacks. The data show that the two greatest threats to cloud assets are cryptomining and malware; both are designed to provide a foothold into your environment or facilitate lateral movement.
For example, Denonia malware is the first strain to specifically target AWS Lambda. Looking at controls outside of CIS Benchmarks, seven of the controls fail more than 50 percent of the time.
Stealthy malware often hides in Linux containers and can evade detection for months. Legacy signature-based techniques cannot create and deploy signatures fast enough to help. A new approach uses deep learning AI technology for sub-second discovery of advanced malware in containers and complex network traffic flows.
Our data analysis highlights the significant value of using automated patch management. Automation accelerates the remediation process and reduces the number of unresolved vulnerabilities. Key findings for remediation include:
For non-Windows patching, the use of automation improves the patch rate by almost 8 percent and cuts the time-to-remediate by two days.
Cloud technical debt poses a major challenge for remediation. More than 60 million applications discovered during our investigation are end-of-support or end-of-life. During the next 12 months, more than 35,000 applications will transition to end-of-support — no more security updates! Critical categories include databases, web servers, and security software.