[](https://www.paloaltonetworks.com/?ts=markdown)

*** ** * ** ***

Navigating the Expanding
Attack Surface
===

![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/unit-42-cloud-threat-report/thumb.png)  
Analyzing 210,000 cloud accounts, Unit 42^®^ researchers found organizations are unwittingly giving adversaries opportunities to gain a foothold in the cloud.
Download The Report

## Today's Top Cloud Challenges

Research indicates misconfigurations and accelerated cloud adoptions leave orgs exposed to risk.
Threat actors have become adept at exploiting common, everyday issues in the cloud, such as misconfigurations, weak credentials, lack of authentication, unpatched vulnerabilities and malicious OSS packages.

*** ** * ** ***

60%

### **60%** of organizations take longer than four days to resolve security issues.

Read more  
76%

### **76%** of organizations don't enforce MFA for console users, and 58% of organizations don't enforce MFA for root/admin users.

Learn why it's critical  
63%

### **63%** of codebases in production have unpatched vulnerabilities rated high or critical.

Start closing gaps today

*** ** * ** ***

Unit 42
Cloud Threat
Report,
Volume 7
---

See what's working in cloud-native security  
Get the report  
![Prisma Cloud Logo](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cloud-native-sec-rep/prisma-cloud-logo-detailed.svg)

### Explore Prisma Cloud

Real-time visibility and prevention against new and emerging threats, all integrated into one solution.  
Get comprehensive security from code to cloud^TM^

### Any cloud.

Any threat.
Across the full lifecycle.

Get comprehensive security from code to cloud

*** ** * ** ***

83%

### **83%** of organizations have hard-coded credentials in their source control management systems.

Learn why that's important  
51%

### **51%** of codebases depend on more than 100 open-source packages.

See how to address that issue  
80%

### **80%** of alerts organizations receive are triggered by 5% of security rules.

Get the deeper analysis now

*** ** * ** ***

## Cloud Threats In the Wild

### Attack Path Analysis of Real-World Incidents

### Attack Scenario 1

From SIM-Swap to Data Leak On the Dark Web  
[View Infographic](https://www.paloaltonetworks.com/resources/infographics/unit-42-cloud-threat-report-volume-7-SIM-swap-attack-analysis?ts=markdown)

### Attack Scenario 2

From Misconfigured Firewall to Cryptojacking Botnet  
[View Infographic](https://www.paloaltonetworks.com/resources/infographics/unit-42-cloud-threat-report-volume-7-cryptojacking-botnet-attack-analysis?ts=markdown)

## Keep Reading

### Threats don't go away --- they evolve. Explore our Unit 42 "Cloud Threat Report" archive to see what was on our radar --- and what remains in our sights.

RESEARCH REPORT

### Unit 42 Cloud Threat Report, Vol. 3: Identity and Access Management: Never Trust, Always Verify

[Read the full report](https://www.paloaltonetworks.com/resources/research/unit-42-cloud-threat-report-2h-2020?ts=markdown)  
RESEARCH REPORT

### Unit 42 Cloud Threat Report, Vol. 4: The COVID-19 Conundrum: Cloud Security Impact and Opportunity

[Read the full report](https://www.paloaltonetworks.com/resources/research/unit42-cloud-threat-report-2021?ts=markdown)  
RESEARCH REPORT

### Unit 42 Cloud Threat Report, Vol. 5: Secure the Software Supply Chain to Secure the Cloud

[Read the full report](https://www.paloaltonetworks.com/resources/research/unit-42-cloud-threat-report-2h-2021?ts=markdown)  
RESEARCH REPORT

### Unit 42 Cloud Threat Report, Vol. 6: Identity and Access Management (IAM) The First Line of Defense

[Read the full report](https://www.paloaltonetworks.com/resources/research/unit-42-cloud-threat-report-volume-6?ts=markdown)  
PrevNext

## Get your copy now!

First Name  
Last Name  
Work Email  
Company  
Job LevelSelect a job level  
Job Function/Focus AreaSelect a job function  
Phone  
CountryCountry  
Department  
StateState  
ProvinceState  
Zip Code  
By submitting this form, I understand my personal data will be processed in accordance with [Palo Alto Networks Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) and [Terms of Use.](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.
Get the report  
![Unit 42 Report Thumbnail](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/unit-42-cloud-threat-report/thumb.png)

## Your report is ready for download

We hope you find our research and recommendations valuable as you build a more comprehensive, holistic cloud security strategy.  
[Start Reading](https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/reports/unit42-cloud-threat-report-volume7.pdf?ts=markdown)  
Share  
![twitter](https://www.paloaltonetworks.com/content/dam/pan/en_US/microsite/share-twitter.svg)Twitter![facebook](https://www.paloaltonetworks.com/content/dam/pan/en_US/microsite/share-facebook.svg)facebook![linkedin](https://www.paloaltonetworks.com/content/dam/pan/en_US/microsite/share-linkedin.svg)linkedin[![email](https://www.paloaltonetworks.com/content/dam/pan/en_US/microsite/share-email.svg)](mailto:?Subject=The%20State%20of%20Cloud%20Native%20Security&Body=We%20hope%20you%20find%20this%20report%20insightful%20as%20you%20work%20towards%20securing%20your%20cloud%20and%20cloud%20native%20workloads%20at%20https%3A//www.paloaltonetworks.com/state-of-cloud-native-security)  
[Learn more about Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)  
![](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/unit-42-cloud-threat-report/thumb.png)

### Get the latest news, invites to events, and threat alerts

Your email

By submitting this form, I understand my personal data will be processed in accordance with [Palo Alto Networks Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) and [Terms of Use.](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)

This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
Sign up  
[![black youtube icon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)[![black twitter icon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-black.svg)](https://twitter.com/PaloAltoNtwks)[![black facebook icon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)[![black linkedin icon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)  
EN

* USA (ENGLISH)
* [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
* [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
* [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
* [CHINA (简体中文)](https://www.paloaltonetworks.cn)
* [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
* [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
* [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
* [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
* [JAPAN (日本語)](https://www.paloaltonetworks.jp)
* [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
* [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
* [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
* [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
* [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
* [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
* [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

### Popular Resources

* [Blog](https://www.paloaltonetworks.com/blog)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Investors](https://investors.paloaltonetworks.com/investor-relations/overview/default.aspx)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)

### Legal Notices

* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

### Popular Links

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/tech-certs?ts=markdown)
  [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure) [Create an account or login](https://www.paloaltonetworks.com/login?ts=markdown)  
  Copyright © 2024 Palo Alto Networks. All rights reserved