Enhancing Cloud Security Against the Egregious 11
How Network Detection & Response Can Help You Fight Top Threats in 2020 and Beyond
Dale Norris
April 28, 2020
Mitigating security risks and vulnerabilities in cloud environments has been a longstanding, top-of-list priority for organizations concerned about the new and evolving threats that come with digital transformation.
Given the events of the last couple months, cloud security concerns are only going to increase as everyone searches for ways to keep remote workers connected and key initiatives on track. Since the end of 2019, there has been a five-fold increase in the number of remote workers, according to IDG research.
The way organizations are using the cloud is changing, too, and it's a major trend that started long before flattening the pandemic curve became an all-hands-on-deck proposition. An estimated 85% of organizations use multicloud deployments, and that number is expected to increase to near 100% in the next year.
Maybe you weren't aware of the numbers, but you've known for a long time that enhancing your security is critical as you move more workloads from the on-premises datacenter to the cloud. Many organizations are being proactive by reexamining their cloud security posture, so it seems like now is a good time to resurface the Cloud Security Alliance's (CSA) "Egregious 11" list of top vulnerabilities and threats.
CSA's 43-page report shines a light on the challenges security teams face, offers key takeaways from experts in the field, shares security guidance, and shows where CSA's cloud control matrix, or CCM, provides coverage.
Download the report, sponsored by ExtraHop, for more information.
If you want to dive even deeper, CSA is hosting a virtual CloudBytes Connect event May 26 – 28. Experts from ExtraHop will present a keynote session on enhancing cloud security with network detection and response at 10 a.m. PT on May 27. You can register here.
If you would rather get the TL;DR version of the report, you can keep reading for a brief rundown of the findings and the reasons why network detection and response (NDR) is essential to enhancing cloud security.
What makes up the Egregious 11?
Not surprisingly, data breaches top the list, and data accessible via the internet is the biggest target because of the No. 2 vulnerability in the Egregious 11: misconfiguration and inadequate change control. A lack of cloud security architecture and strategy comes in next, with insufficient identity, credential, access, and key management batting cleanup. Account hijacking rounds out the top five, followed by insider threats, insecure interfaces and APIs, weak control planes, metastructure and application failures, limited cloud visibility, and abuse and nefarious use of cloud services.
How Can Network Detection and Response Help?
It starts with network visibility. Anything that communicates across core, cloud, and edge deployments does so on the network, making network data the richest input for the next two components of NDR—detection and response.
By monitoring and analyzing network traffic data with cloud-scale machine learning, ExtraHop Reveal(x) Cloud can identify threats and behaviors that indicate attacks in real time. Those high-fidelity detections give security teams the information they need to respond to the threats that matter, whether that means conducting a forensic investigation, directing analyst resources to deal with those threats, or using integrated response automations to take action on suspect workloads, domains, and IP addresses. Cloud-native NDR from ExtraHop also helps security teams get the most out of the CCM framework by providing coverage across a wide range of control domains.
If you would like to see for yourself how cloud-native NDR from ExtraHop can help you enhance your security before you check out our keynote presentation at CloudBytes Connect, take Reveal(x) for a test drive with our live online product demo.