20

  Efforts to control attacks early are helping to ameliorate more harmful consequences further along the the kill chain: Impact passed at only 13.67% Exfiltration at only 3.70%. Exploitation of public facing apps passed at only 28.54%. Exploitation of remote services, at only 17.92%, are failing at high rates. Resource hijacking is passing at just 22.83%. Smith wrote that since crypto mining malware is a threat to cloud environments, organizations should consider mitigating such controls to reduce their organizational risk in the cloud. “The lesson from these data points is that almost every organization needs to better monitor cloud configurations,” said Smith, adding that scans for CIS controls failed 34% of the time for AWS, 57% for Microsoft Azure and 60% for GCP

  What is cloud security? Center for Internet Security work offers insights to remediation Recommendations by the firm included reviewing research by the Center for Internet Security including work Qualys participated in: mapping of individual controls to the MITRE ATT&CK tactics and techniques. Must-read security coverage Qualys contributed to developing these CIS benchmarks for AWS, Azure and GCP. The benchmarks will help offer some valuable insight and context for defenders to better prioritize the hundreds of hardening controls available in cloud environments. Qualys also looked at how firms are deploying controls to harden their cloud postures across the three major platforms, noting that privilege escalation (96.03%), initial access (84.97%) and discovery (84.97%) are passing at the highest rates.