Top 6 Cloud Vulnerabilities


2024-11-26


#2 Insecure APIs

APIs are proliferating in modern software development, being used in microservices, application and website backends. They must handle requests received from mobile devices, applications, webpages and third parties, as well as bots, spammers and hackers. This is why having a secure API is critical to mitigating cyber threats and protecting against unwanted traffic.

These malicious requests can take a wide array of forms. Some of the most common are:

  • Code and query injection (SQL injection, command injection)
  • Taking advantage of bad access control
  • Targeting a vulnerability due to an outdated component (software libraries, database engine, runtime environments, etc.)

Many cloud providers offer in-house solutions. Otherwise, there are a few easy steps you can take on your own to ensure API security.

To minimize this threat:

  • Have a web application firewall (WAF) to filter requests by IP address or HTTP header info, and to detect code injection attacks; WAFs also let you set response quotas per user or other metrics.
  • Implement DDoS protection (see more information below).
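The checks listed above (filtering by IP address and HTTP header, spotting injection patterns, per-user quotas) can be sketched as a small request filter. This is an added example, not code from the original article or from any WAF product; the `X-Api-Key` header name, the blocked network, the quota values and the tiny signature set are assumptions chosen for illustration.

```python
import ipaddress
import re
import time
from collections import defaultdict, deque

# Constructed policy values for illustration only.
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]  # documentation range
QUOTA = 3               # accepted requests per API key per window
WINDOW_SECONDS = 60
# Deliberately small signature set; production WAF rule sets are far broader.
INJECTION_RE = re.compile(
    r"(\bunion\s+select\b|'\s*or\s+'?1'?\s*=\s*'?1|;\s*drop\s+table\b|\$\()",
    re.I,
)


class RequestFilter:
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._hits = defaultdict(deque)  # api_key -> times of accepted requests

    def check(self, src_ip, headers, query):
        """Return (allowed, reason) for a single request."""
        ip = ipaddress.ip_address(src_ip)
        if any(ip in net for net in BLOCKED_NETS):
            return False, "blocked-ip"
        api_key = headers.get("X-Api-Key")  # assumed header name
        if not api_key:
            return False, "missing-api-key"
        if INJECTION_RE.search(query):
            return False, "injection-pattern"
        now = self._clock()
        hits = self._hits[api_key]
        while hits and now - hits[0] >= WINDOW_SECONDS:
            hits.popleft()               # drop requests outside the window
        if len(hits) >= QUOTA:
            return False, "quota-exceeded"
        hits.append(now)
        return True, "ok"
```

Signature matching of this kind only reduces noise at the edge; the API itself still needs parameterized queries and its own access control checks.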

#3 Lack of Visibility

As the use of cloud services increases, so does the scale of your infrastructure. When companies are using thousands of instances of cloud services, it can be easy to get lost in them or forget about some of those running instances. Visibility into the state of your entire infrastructure must be easy and convenient to access.

Lack of visibility of cloud infrastructure is a major issue that can delay action on a threat and result in a data breach. Managers, sysadmins and DevOps teams must therefore take a proactive security approach.

To minimize this threat:

  • Monitor for and detect threats.
  • Ensure visibility into your cloud infrastructure.
  • Implement tools such as a CNAPP; this can minimize risk and shorten the response time in case of a breach.

#4 Lack of Multi-factor Authentication

Multi-factor authentication (MFA) is an authentication method in which a user must present at least two forms of identification validation to access an account or data. For instance, in a typical MFA flow, a user first enters a username and password. The user is then prompted to enter a second validation, such as a one-time password/code received via SMS, email or push notification on their cell phone.

Passwords and users are vulnerable to theft, making a lack of MFA a potentially critical vulnerability.

To minimize this threat:

  • Implement MFA across your organization to benefit from an additional layer of authentication required to access systems (e.g., via a physical phone or email address).
  • Always enforce MFA for any employees granted cloud access to their accounts and data.

#5 Malicious Insiders

Unauthorized access occurs when a user obtains access to some or all of your company's cloud resources.

There are a few ways that these malicious insiders can gain access to your cloud accounts. As mentioned in the cloud misconfiguration section, this can result from rules that are too loose or from a former employee still having valid credentials to the accounts.

Malicious insiders can also access your cloud resources via account hijacking due to a successful phishing attack and/or weak credential security (e.g., too simple of a password or a password shared between accounts). This kind of vulnerability can be particularly dangerous, as not only data is at risk of being stolen or changed, but also intellectual property.

To minimize this threat:

  • Make sure MFA is activated.
  • Filter out phishing emails using an automated tool.
  • Educate employees about phishing attacks.
  • Make sure safe password practices are being followed.
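Two of the conditions described in this section and the previous one, console users without MFA and former employees who still hold valid credentials, can be found by cross-checking a credential export against the current staff roster. This is an added example, not code from the original article; the CSV is constructed sample data modelled on a subset of the AWS IAM credential report columns, and the roster and the 90-day threshold are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample, modelled on a subset of AWS IAM credential report columns.
REPORT_CSV = """user,password_enabled,mfa_active,access_key_1_active,access_key_1_last_used_date
alice,true,true,false,N/A
bob,true,false,true,2024-11-20T09:15:00+00:00
carol,false,false,true,2024-03-02T17:40:00+00:00
dave,true,true,true,2024-11-25T08:00:00+00:00
"""
ACTIVE_EMPLOYEES = {"alice", "bob", "carol"}   # constructed roster; dave has left
STALE_AFTER = timedelta(days=90)               # assumed policy threshold


def audit(report_csv, active, now):
    """Return {user: [findings]} for accounts that need attention."""
    findings = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        issues = []
        has_password = row["password_enabled"] == "true"
        has_key = row["access_key_1_active"] == "true"
        if row["user"] not in active and (has_password or has_key):
            issues.append("offboarded-user-has-live-credentials")
        if has_password and row["mfa_active"] != "true":
            issues.append("console-login-without-mfa")
        last_used = row["access_key_1_last_used_date"]
        if has_key:
            if last_used == "N/A":
                issues.append("active-key-never-used")
            elif now - datetime.fromisoformat(last_used) > STALE_AFTER:
                issues.append("active-key-stale")
        if issues:
            findings[row["user"]] = issues
    return findings


if __name__ == "__main__":
    report_time = datetime(2024, 11, 26, tzinfo=timezone.utc)
    for user, issues in audit(REPORT_CSV, ACTIVE_EMPLOYEES, report_time).items():
        print(user, issues)
```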

#6 Distributed Denial-of-Service Attacks

Distributed denial-of-service (DDoS) attacks are malicious efforts to take down a web service such as a website. They work by flooding the server with requests from different sources (hence distributed) and overloading it. The goal is to make the server unresponsive to requests from legitimate users.

To minimize this threat:

  • Choose a cloud provider that protects against DDoS attacks; most do, e.g., AWS Shield comes with easy integration and no additional cost.
  • Make sure DDoS protection on your cloud service is always turned on.

Cloud computing vulnerabilities are increasingly common, and your organization must act to ensure mitigation. We discussed the most common cloud security threats, but there are many other vulnerabilities to be addressed.  CrowdStrike delivers advanced, unified and automated security to protect, prevent and address vulnerabilities. Learn more about CrowdStrike cloud security solutions.