The report found that 46% of organizations use unmanaged users with long-term credentials
New York, October 21, 2024 /PRNewswire/ — Datadog, Inc. announced (NASDAQ: DDOG), a monitoring and security platform for cloud applications, today announced its new report, State of Cloud Security 2024. The report found that long-standing credentials continue to be a major risk factor facing organizations across all cloud providers.
Long-term cloud credentials never expire, and are often leaked in source code, container images, build logs, and application artifacts, making them a significant security risk. Research has shown that it is the most common cause of publicly documented cloud security breaches. Although the risks are well-documented, Datadog's report found that nearly half of organizations (46%) still use unmanaged users with long-term credentials.
According to the report, not only are long-term credentials spread across all major clouds, but they are often outdated and even unused. 62% of Google Cloud accounts, 60% of AWS IAM users, and 46% of Microsoft Entra ID applications have an access key that is more than one year old.
“The findings from the State of Cloud Security 2024 suggest that it is unrealistic to expect that long-term credentials can be managed securely,” said Andrew Krug, Head of Security Defense at Datadog. “In addition to long-lived credentials representing a significant risk, the report found that most cloud security incidents result from compromised credentials. To protect themselves, companies need to secure identities using modern authentication mechanisms, leverage short-lived credentials and actively monitor changes to APIs commonly used by attackers.”
Other key findings of the report include:
Adoption of cloud guardrails is growing — 79% of S3 buckets are covered by a public, account-level or bucket-specific S3 access block, compared to 73% a year ago — thanks to cloud providers starting to enable guardrails by default. More than 18% of AWS EC2 instances and 33% of Google Cloud VMs have sensitive permissions for a project. This puts organizations at risk as any attacker who compromises the workload is able to steal the associated credentials and gain access to the cloud environment. 10% of third-party integrations have risky cloud permissions, allowing the vendor to access all data in the account or take over your entire AWS account. 2% of third-party integration roles do not enforce the use of external identifiers, allowing an attacker to compromise them through a “confused deputy” attack.
For the report, Datadog analyzed security posture data from a sample of thousands of organizations using AWS, Azure, or Google Cloud.
Datadog's 2024 State of Cloud Security is now available. To dive deeper into the results, read the blog. Learn more about how Datadog helps businesses secure their cloud environments.
About DataDog
Datadog is a monitoring and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring, log management, user experience monitoring, cloud security and many other capabilities to provide real-time, unified monitoring and security for our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, enhance collaboration between development, operations, security and business teams, accelerate application time to market, reduce time to resolution, secure applications and infrastructure, understand user behavior and track metrics. Main business.
Forward-looking statements
This press release may include certain “forward-looking statements” within the meaning of Section 27A of the Securities Act of 1933, as amended, or the Securities Exchange Act, and Section 21E of the Securities Exchange Act of 1934, as amended, including statements regarding Product benefits and new features. These forward-looking statements reflect our current views about our plans, intentions, expectations, strategies and prospects, which are based on the information currently available to us and on the assumptions we have made. Actual results may differ materially from those described in the forward-looking statements and are subject to a variety of assumptions, uncertainties, risks and factors beyond our control, including those risks detailed under the heading “Risk Factors” and elsewhere in our securities. and Securities and Exchange Commission filings and reports, including the Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission on May 8, 2024, as well as future filings and reports by us. Except as required by law, we undertake no duty or obligation to update any forward-looking statements contained in this release as a result of new information, future events, changes in expectations or otherwise.
communication
Dan Haggerty
Click on datadoghq.com
View original content to download multimedia: https://www.prnewswire.com/news-releases/datadogs-state-of-cloud-security-2024-finds-room-for-improvement-in-the-use-of-long -Live credentials across all major clouds-302282005.html
Source: Datadog, Inc.
