Navigating the Expanding
Attack Surface

Analyzing 210,000 cloud accounts, Unit 42® researchers found organizations are unwittingly giving adversaries opportunities to gain a foothold in the cloud.

Download The Report


60% of organizations take longer than four days to resolve security issues.


76% of organizations don’t enforce MFA for console users, and 58% of organizations don’t enforce MFA for root/admin users.


63% of codebases in production have unpatched vulnerabilities rated high or critical.

Unit 42
Cloud Threat
Volume 7

See what’s working in cloud-native security

Prisma Cloud Logo

Explore Prisma Cloud

Real-time visibility and prevention against new and emerging threats, all integrated into one solution.

Any cloud.
Any threat.
Across the full lifecycle.


83% of organizations have hard-coded credentials in their source control management systems.


51% of codebases depend on more than 100 open-source packages.


80% of alerts organizations receive are triggered by 5% of security rules.  

Cloud Threats In the Wild

Attack Path Analysis of Real-World Incidents

Attack Scenario 1

From SIM-Swap to Data Leak On the Dark Web

Attack Scenario 2

From Misconfigured Firewall to Cryptojacking Botnet

Keep Reading

Threats don't go away — they evolve. Explore our Unit 42 “Cloud Threat Report” archive to see what was on our radar — and what remains in our sights.