IAM the first line of defense.
Palo Alto Networks Unit 42 cloud threat researchers wanted to understand who targets cloud infrastructure, how they carry out those attacks, and what they target. Through analyzing 680,000+ cloud identities across 18,000 cloud accounts from over 200 organizations, the answer became clear: overly permissive and poorly-written Identity and Access Management (IAM) policies open the door for malicious actors to target organizations’ cloud infrastructures.
These malicious actors increasingly utilize new tactics, techniques, and procedures (TTPs) unique to the cloud. To combat this growing threat, the Unit 42 threat research team compiled an industry-first Cloud Threat Actor Index to help organizations understand how these threat actors are able to target IAM credentials so they can prevent it from happening.
Unit 42’s findings indicate that many organizations have a long journey ahead of them to achieve secure IAM. In this edition of the Unit 42 Cloud Threat Report, our researchers explain how Cloud Threat Actors and Identity and Access Management go hand-in-hand, and provide three specific recommendations for how organizations can take action now to stay protected.
Keep up with the latest cloud threat research with a preview of their findings in this executive summary.