What processes do you rely on to address risks from rogue cloud tenants that the security team doesn’t have visibility of?

Threat & Vulnerability ManagementThreat Intelligence & Incident Response
1.9k viewscircle icon2 Comments
Sort by:
Director of Information Security in Finance (non-banking)4 months ago

I do not agree to @Adel Awad, it's not the Security that has to have the right to create new infrastructure in the cloud, but there has to be one dedicated and responsible team for the environment.
Architects build systems and services
Infrastructure team build templates for the container or cloud services
Security approves that
DevTeams just use templates and are not allowed to define their own infrastructure
CI/CD is an automated one-way street to PROD and the only way into it.
No interaktive service in PROD, if there is an error in PROD, fix it in DEV and start CI/CD

CIO in Banking4 months ago

You need to lockdown your cloud environment so that only the cybersecurity team is allowed to create an environment under your domain ownership, you also need to monitor the attack surface , such as storage buckets exposed to the outside world , lack of conditional access , etc… there are solutions that helps you monitor cloud security (Cloud Security Posture Monitoring)

Lightbulb on1

Content you might like

What sorts of failsafe processes/controls, etc, do you rely on to make sure terminated or suspended employees’ access credentials are revoked immediately? Does your org generally rely on direct communications from HR or do you have an HRM or similar system to automate this?

Read More Comments

If you’ve worked with mobile applications and have experience scanning code, either for vulnerabilities or to ensure best practices, what tools or solutions would you recommend for iOS and Android platforms?

Has your company made you feel comfortable about the prospect of returning to the office?

Yes - My company has been clear with the back to office plan82%

No - Messaging around return to the office has been confusing and disjointed17%

Excluding CVE, what other vulnerability databases/info sources do you use currently? Have you developed any contingency plans to lean on in case the CVE program loses funding?

Are you using a purchased tool or managed service provider (MSP) for external attack surface management?

Yes – using both a tool and MSP31%

We only use an MSP47%

We only use a purchased tool19%

No – not using a tool or MSP for external attack surface management3%

Something else (explain in a comment)

View Results