In this entry, we continue delving into an investigation of exposed registries and look at the types of files and information that malicious actors can access and compromise from these.
In this entry, we will discuss publicly exposed registries, which are repositories or databases containing information accessible to the public without the need for authentication.
We examine Azure’s Managed Identities service and its security capability in a threat model as developers’ go-to feature for managing secrets and credentials.
After looking at offerings by cloud service providers (CSPs), we examined the possibilities of using a more secure serverless environment by running a custom container.
Using Trend Micro Cloud One™ – Conformity data, we looked at the top 10 Amazon Web Services (AWS) and Microsoft Azure services with the highest misconfiguration rates with regard to the implementation of Cloud Conformity rules.
Our new report maps the vulnerable cracks in cloud native application security, and shows how this is a growing concern that enterprises should devote time and resources to secure.