Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

140,000 Social Security numbers and about 80,000 bank account numbers — that’s what one attacker stole from a major financial institution back in 2019. How did it happen? The attacker used firewall credentials to obtain privilege escalation and hack into improperly secured Amazon cloud instances.

Across the globe, we are all now always connected. People now share, upload, and download information from their phones or computers. Cloud-based storage has become incredibly popular because everything is accessible. And with multiple devices synced, you'll never have to worry about forgetting a file again. However, it's not without risks. If someone gets access to your account credentials, they could potentially view all your data stored in the cloud.

In the cloud, securing identities and workloads is both paramount and complex. Inventories of AWS customer security breaches help us learn from publicly disclosed incidents—but until now, not much concrete data has been shared around the usage of security mechanisms that could have helped prevent these incidents. For this report, we examined real-world data from a sample of more than 600 organizations and thousands of AWS accounts that use the Datadog Cloud Security Platform.

The rapid proliferation of cloud technology has empowered organizations to meet complex challenges with innovative solutions. This flexibility, however, is the antithesis of security — each new cloud solution that an organization adopts expands their attack surface.

As an employer, you have both a moral and legal obligation to shore up sensitive information about your employees. Sensitive information includes genetic and biometric data, medical records, SNNs (social security numbers), and criminal history records, just to name a few. Fail to do so, and you will open yourself up to loads of risk. Hackers are constantly on the hunt for applicant and employee data that they can further sell on the dark web or use to perpetrate fraud.

There’s plenty of loaded terminology and buzzword bingo when it comes to the latest advances in cloud application delivery. Especially when it comes to multi-cloud – which should merely mean multiple cloud instances when modern cloud applications really leverage multiple hybrid IT operating models, atop both existing business silos and newer microservices application workloads.

The reason organizations are embracing cloud-native development is clear: AWS reports those who migrated saw an average of 20% infrastructure cost savings and 66% increase in administrator productivity. Moving your development process to the cloud offers these benefits and many others, but it also offers a whole new set of security challenges. This series is aimed at helping developers create secure infrastructure for modern, cloud-native applications.