@htmdcommunity
HTMD Community | Cloud Security Research Paper | Web App attacks | OSS Dependency and Risk of Apps #Security #Risk @htmdcommunity | Uploaded 1 year ago | Updated 1 day ago
This short video discusses the Cloud Security Research Paper: web app attacks, OSS dependency, and the risk of apps.

#securitypolicies #Risk #reasearch #msintune #msintune #paloaltonetworks

Cloud users repeatedly make the same mistakes. In most organizations’ cloud environments, 5% of the security rules trigger 80% of the alerts.

==
Key Points Cloud Security Research Paper 2023

3% of the organizations have hard-coded credentials in their source control management systems.
From CTR Vol. 6, 99% of the cloud identities are overly permissive.
6% of the cloud storage buckets contain sensitive information.
61% of cloud accounts have storage buckets that don’t enable access logging.
CVE-2021-40438 is one of the top 10 Common Vulnerabilities and Exposures (CVEs) identified in exposed cloud hosts.
85% of organizations have hard-coded credentials in virtual machines’ user data.

==
Web Application High-Risk

9 of the top 10 vulnerabilities on internet-facing cloud hosts belong to web/API applications.
• XSS, SQL injection, CSRF, and directory traversal vulnerabilities account for 54% of the top 10 vulnerabilities in 2022.
• The growth rate of web-centric vulnerabilities (XSS, SQLI, CSRF, directory traversal) was 1.9 times faster than the average in 2021.

==
Unpatched Vulnerabilities

Among the source code repositories in the production environments we analyzed:
• 63% of the repositories have High or Critical vulnerabilities.
• 51% of the vulnerabilities (High or Critical) are at least two years old.
Among the internet-facing services hosted in public clouds:
• 11% of exposed hosts contain High or Critical vulnerabilities.
• 71% of exposed vulnerabilities (High or Critical) are at least two years old.

==
OSS Package Dependency

51% of codebases depend on more than 100 open-source packages.
• On average, each repository has 113 dependent OSS packages.
• 77% of packages are non-root packages, and 77% of vulnerabilities are introduced by the non-root packages.
• The number of vulnerabilities and security issues in a cloud workload is proportional to the number of external assets the workload depends on.