Policy-as-code approach counters cloud native security risks

Cloud native’ technology IT designs are introducing new vulnerabilities to enterprises as they seek to upgrade their technological infrastructure, according to security researchers. According to data from developer security solutions provider Snyk, more than half of developers and security experts expect the dangers to their businesses to rise over the next year. Cloud-native dangers, particularly control plane breaches, are among the motivators. Other possible issues include incorrectly configured cloud resources and hacked credentials.Attackers look for cloud service credentials by looking for ‘open S3 buckets,’ blob storage, or other open storage sites, as well as GitHub repositories, SSH [Secure Shell] and SSL vulnerabilities, and even developer discussions on sites like Stack Overflow. Read More…