• Sign In
    • Customer
    • Partner
    • Employee
    • Research
  • Create Account
  • EN
  • magnifying glass search icon to open search field
  • Get Started
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
Palo Alto Networks logo
  • Products
  • Solutions
  • Services
  • Partners
  • Company
  • More
  • Sign In
    Sign In
    • Customer
    • Partner
    • Employee
    • Research
  • Create Account
  • EN
    Language
  • Get Started
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
  • Unit 42 Threat Intelligence

Research Reports

Unit 42 Cloud Threat Report, Volume 6

Apr 12, 2022
asset thumbnail

Cloud Threat Actors Have IAM Misconfigurations in Sight

As the cloud evolves, so should your security strategy. But before you commit to a plan, make sure your cloud security teams are asking the right questions. These include:

  • Who is attacking cloud infrastructure?
  • How are they doing this?
  • What are they targeting?

Knowing what makes you a more vulnerable target is just as important. Misconfigurations tend to be at the center of the majority of known cloud security incidents, and poorly written identity and access management (IAM) policies are often the culprits. While IAM is a complex component that governs the authentication and authorization of every resource in a cloud environment, it is also the most critical because of its role as the first line of defense against attack. 

For this edition of the “Cloud Threat Report,” the Unit 42 Cloud Threat Research team wanted to understand how cloud security teams today implement IAM and where the gaps in protection are. 

Analyzing 680,000+ identities across 18,000 cloud accounts from over 200 different organizations was shocking. Unit 42 found a staggering 99% of the cloud users, roles, services and resources were granted excessive permissions, which were left unused. 

The result? Bad actors have an open door to utilize cloud-specific tactics, techniques and procedures (TTPs) to gain wider access to organizations’ cloud environments. 

Download your copy of this report for a deep dive into:

  • Who attacks cloud infrastructure, how they carry out these attacks and what they target.
  • Why effective IAM is essential to achieving security, and more eye-opening statistics around the current state of IAM for most organizations.
  • Recommendations on how to protect your organization from being targeted.

Get your free copy now.

Download
Share page on facebook Share page on linkedin Share page by an email
Related Resources

Access a wealth of educational materials, such as datasheets, whitepapers, critical threat reports, informative cybersecurity topics, and top research analyst reports

See all resources

Get the latest news, invites to events, and threat alerts

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

black youtube icon black twitter icon black facebook icon black linkedin icon
  • USA (ENGLISH)
  • AUSTRALIA (ENGLISH)
  • BRAZIL (PORTUGUÉS)
  • CANADA (ENGLISH)
  • CHINA (简体中文)
  • FRANCE (FRANÇAIS)
  • GERMANY (DEUTSCH)
  • INDIA (ENGLISH)
  • ITALY (ITALIANO)
  • JAPAN (日本語)
  • KOREA (한국어)
  • LATIN AMERICA (ESPAÑOL)
  • MEXICO (ESPAÑOL)
  • SINGAPORE (ENGLISH)
  • SPAIN (ESPAÑOL)
  • TAIWAN (繁體中文)
  • UK (ENGLISH)

Popular Resources

  • Blog
  • Communities
  • Content Library
  • Cyberpedia
  • Event Center
  • Investors
  • Products A-Z
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Popular Links

  • About Us
  • Customers
  • Careers
  • Contact Us
  • Manage Email Preferences
  • Newsroom
  • Product Certifications
Report a Vulnerability
Create an account or login

Copyright © 2023 Palo Alto Networks. All rights reserved