DevSecOps report: Cloud IT complexity creates 'immutable' security issues

cloudscontainers.jpg

Organizations open up to cloud IT. 

Photo: Tom Foremski

A report on DevOps security has found that only 4% of issues found in production are dealt with because of the increased complexity of cloud based IT systems is creating new security gaps.

The State of DevSecOps report was commissioned by Accurics — which specializes in addressing  IT security through infrastructure as code in order to better handle the increased complexity of IT in the cloud. 

The report found that the cloud-based IT stack has become very complex with the addition of technologies such as containers. Each additional layer of the IT stack adds new risks.

The authors state: “The crux of the issues lies in the fact that as the cloud native stacks become more complex, point cloud security solutions become inadequate and gaps in coverage start to emerge.”

Containers are being used by 84% of the organizations surveyed and 41% are using serverless. The Kinsing malware attack is provided as an example where a simple misconfiguration of an API port allowed hackers to breach container clusters.

“Cloud infrastructure goes far beyond traditional network, storage, and compute; organizations are rapidly adopting new technologies such as serverless, containers, and service mesh,” says Piyush Sharrma CTO at Accurics. “Cloud infrastructure is becoming increasingly immutable: it is never modified after it is deployed. If something needs to be changed, new infrastructure has to be provisioned through code.”

But organizations are making errors when provisioning and managing infrastructure through code. About two-thirds of  reported security issues were exposed cloud storage services due to “egregious mistakes” that are easily avoidable by applying best practices. 

In 90% of cloud deployments the security baseline has shifted due to privileged users making changes without updating the code that was defined “to be the single source of truth.”

The report is here: The State of DevSecOps

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

For a Hedge Against Inflation - Click the Rocket!

E-Crypto News Executive Interviews

Blockchain/Cryptocurrency Questions and Answers

Stressed about crypto
The Worst Places in the World to Buy and Hold Crypto
January 27, 2023
What Are Crypto Index Funds?
What Are Crypto Index Funds?
January 19, 2023
money
Can You Make Money Anymore With Crypto in 2023?
January 13, 2023
What Is Stagflation And How Does It Affect The Crypto Markets?
What Is Stagflation And How Does It Affect The Crypto Markets?
January 12, 2023
passive crypto
How To Minimize Risks When Investing in Crypto
December 28, 2022

Automated trading with HaasBot Crypto Trading Bots


CryptoCurrencyUSDChange 1hChange 24hChange 7d
? --- 0.00 % 0.00 %
? --- 0.00 % 0.00 %
? --- 0.00 % 0.00 %
USD Coin1.000 0.44 % 0.25 % 0.18 %
BNB283.64 0.09 % 0.32 % 2.79 %
XRP0.4687 0.46 % 4.02 % 4.38 %
Binance USD1.000 0.15 % 0.14 % 0.18 %
? --- 0.00 % 0.00 %
? --- 0.00 % 0.00 %
? --- 0.00 % 0.00 %

bitcoin
Bitcoin (BTC) $ 23,108.19
ethereum
Ethereum (ETH) $ 1,586.32
tether
Tether (USDT) $ 1.00
usd-coin
USD Coin (USDC) $ 1.00
bnb
BNB (BNB) $ 312.09
xrp
XRP (XRP) $ 0.402948
binance-usd
Binance USD (BUSD) $ 1.00
cardano
Cardano (ADA) $ 0.380034
dogecoin
Dogecoin (DOGE) $ 0.093943
matic-network
Polygon (MATIC) $ 1.11