Navigating the Expanding
Attack Surface

Analyzing 210,000 cloud accounts, Unit 42™ researchers found organizations are unwittingly giving adversaries opportunities to gain a foothold in the cloud.

Download The Report

60%

60% of organizations take longer than four days to resolve security issues.

76%

76% of organizations don’t enforce MFA for console users, and 58% of organizations don’t enforce MFA for root/admin users.

63%

63% of codebases in production have unpatched vulnerabilities rated high or critical.


Unit 42
Cloud Threat
Report,
Volume 7

See what’s working in cloud-native security

Prisma Cloud Logo

Explore Prisma Cloud

Real-time visibility and prevention against new and emerging threats, all integrated into one solution.

Any cloud.
Any threat.
Across the full lifecycle.


83%

83% of organizations have hard-coded credentials in their source control management systems.

51%

51% of codebases depend on more than 100 open-source packages.

80%

80% of alerts organizations receive are triggered by 5% of security rules.  


Cloud Threats In the Wild

Attack Path Analysis of Real-World Incidents

Attack Scenario 1

From SIM-Swap to Data Leak On the Dark Web

Attack Scenario 2

From Misconfigured Firewall to Cryptojacking Botnet

Keep Reading

Threats don't go away — they evolve. Explore our Unit 42 “Cloud Threat Report” archive to see what was on our radar — and what remains in our sights.