SentinelOne’s Cloud Security Research Team has launched a new blog series, “Cloud and Container | Attack & Defend” exploring the ins and outs of cloud security from both the threat actor and the defender perspectives.
The series will focus on the tactics, techniques and procedures employed by threat actors to compromise cloud infrastructures, and security best practices for addressing those threats.
Organizations continue to embrace cloud technologies to look beyond traditional infrastructures and redefine how their applications are built, managed and scaled.
Adopting cloud-native platforms, containerized apps and other modern storage solutions is driven by the need for more efficient development and deployment workflows while building resilience.
The Com, a group of multiple actors with varying objectives and skill levels, is the most impactful threat actor of 2023, according to SentinelOne's WatchTower team.
The Com has been observed in high-profile network intrusion and ransomware attacks, and uses cloud compromise tactics and techniques.
The most common root causes of cloud incidents are misconfigured assets exposed to the internet, followed by compromised credentials and vulnerable web apps hosted on the cloud.
Sophisticated cloud attacks can involve all three root causes, and popular tactics include milestone distribution across attack chains.
In the next blog, SentinelOne continues the series with a new Attack post focusing on Kubernetes (K8s) privilege escalation, a critical concern in cloud-native environments.
The blog will examine how attackers can exploit misconfigurations in K8s, vulnerabilities, or over-permissive roles to escalate privileges and potentially gain unauthorised access to sensitive resources.
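To make "over-permissive roles" concrete from the defender's side, the following is an added example (not code from the SentinelOne post or series) that audits Kubernetes RBAC Role/ClusterRole objects for wildcard rules and for verb/resource pairs that typically let a subject step outside its intended scope. The sample manifests are constructed, their names are hypothetical, and the list of sensitive permissions is an assumption for this illustration, not an authoritative catalogue.

```python
"""Audit Kubernetes RBAC rules for over-permissive grants (added example)."""
from typing import Dict, List

# Constructed sample objects in the shape of `kubectl get clusterrole -o json`
# items. All names are hypothetical.
SAMPLE_ROLES = [
    {"kind": "ClusterRole", "metadata": {"name": "viewer-hypothetical"},
     "rules": [{"apiGroups": [""], "resources": ["pods"],
                "verbs": ["get", "list", "watch"]}]},
    {"kind": "ClusterRole", "metadata": {"name": "ci-runner-hypothetical"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
    {"kind": "Role", "metadata": {"name": "deployer-hypothetical", "namespace": "apps"},
     "rules": [{"apiGroups": [""], "resources": ["secrets"], "verbs": ["get", "list"]},
               {"apiGroups": [""], "resources": ["pods/exec"], "verbs": ["create"]}]},
]

# (resource, verb) pairs that commonly allow escalation beyond a role's intended
# scope: reading secrets, exec into pods, minting tokens, or editing RBAC itself.
# This set is an assumption for the example, not an exhaustive list.
SENSITIVE = {
    ("secrets", "get"), ("secrets", "list"),
    ("pods/exec", "create"),
    ("serviceaccounts/token", "create"),
    ("clusterrolebindings", "create"), ("rolebindings", "create"),
    ("clusterroles", "bind"), ("clusterroles", "escalate"),
    ("roles", "bind"), ("roles", "escalate"),
}


def audit_role(role: Dict) -> List[str]:
    """Return one finding string per over-permissive rule or sensitive grant."""
    findings: List[str] = []
    name = role["metadata"]["name"]
    for rule in role.get("rules", []):
        resources = rule.get("resources", [])
        verbs = rule.get("verbs", [])
        # A wildcard on either axis is a finding on its own; no need to expand it.
        if "*" in resources or "*" in verbs:
            findings.append(f"{name}: wildcard rule resources={resources} verbs={verbs}")
            continue
        for res in resources:
            for verb in verbs:
                if (res, verb) in SENSITIVE:
                    findings.append(f"{name}: sensitive permission '{verb}' on '{res}'")
    return findings


def audit_roles(roles: List[Dict]) -> List[str]:
    """Audit a list of Role/ClusterRole objects and collect all findings."""
    findings: List[str] = []
    for role in roles:
        findings.extend(audit_role(role))
    return findings


if __name__ == "__main__":
    for finding in audit_roles(SAMPLE_ROLES):
        print(finding)
```

In practice the input would be the JSON output of `kubectl get clusterroles,roles -A -o json`; the read-only viewer role produces no findings, the wildcard CI role produces one, and the deployer role is flagged for secret reads and pod exec, which is exactly the kind of grant a privilege-escalation review should question.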