Cloud Threat Landscape

A Candid Perspective on the Cloud Threat Landscape: What’s Real, What’s Not, and What Should Change

What's a threat landscape

It's a view of current threats, real incidents, adversary behaviors and trends.

What's the problem with cloud? It's fragmented, underdeveloped and hard to find things.

Key Observations

1. Identity and Standing Access Exploitation
2. SaaS is the new data plane

3. Pipeline platform and supply chain integrity

4. The good: The big part of reports include detections and security considerations

5. The bad: Not a lot of reports include threat actors. Not a lot of mapping on MITRE ATTACK.
6. The ugly: The big cloud vendors don't report on cloud specific threats

Links

• https://attack.mitre.org/
• https://www.invictus-ir.com/news/profiling-javaghost-tactics-history-defenses
• https://github.com/invictus-ir