1、 Attackers have continued to adapt their techniques to an increasingly cloud-native landscape,with new threats targeting the different cloud platforms constantly emerging.As threats evolve,understanding the major sources of risk and patterns of attacker behavior in cloud environments is critical.For

2、 the 2024 edition of our State of Cloud Security study,we analyzed security posture data from a sample of thousands of organizations that use AWS,Azure,or Google Cloud.Our findings suggest that adoption of secure configurations in cloud environments continues to improve,thanks to greater awareness a

3、nd better enforcement of secure defaults.Still,risky or overly privileged credentials remain a major entry point for attackers.This risk can be heightened by common misconfigurations across elements of cloud infrastructure,including compute and storage instances,managed Kubernetes distributions,and

4、third-party integrations with SaaS providers.Fact 1:Long-lived cloud credentials continue to be a major risk Long-lived cloud credentials pose a major security risk,as they never expire and frequently get leaked in source code,container images,build logs,and application artifacts.Past research has s

5、hown that they are the most common cause of publicly documented cloud security breaches.For this report,we analyzed how organizations leverage legacy versus modern authentication methods to authenticate humans and applications.For humans,we found that most organizations leverage some form of federat

6、ed authenticationi.e.,using a centralized identity to grant users access to multiple systemsto access the AWS console(for instance,through AWS IAM Identity Center or Okta).However,almost half(46 percent)also use IAM users(a form of long-lived credential),and one in four only use IAM users.This shows