Wiz State of the Cloud 2023 Overview

Keypoints hendryadrian.com

• Major cybersecurity vendors publish comprehensive annual cloud security reports structured into sections such as executive summaries, industry reviews, current landscape analysis, cloud usage patterns, and data exposure risks, offering insights into threats, attack methods, and shifting trends.
• Key statistics reveal rising cloud API complexity, with AWS adding over 1,600 API actions yearly, and privilege escalation opportunities increasing by 15% for AWS, 20% for Azure, and 45% for GCP, indicating a more expansive attack surface.
• The reports consistently identify prevalent risks like data exposure, where 47% of companies have publicly accessible databases or storage buckets, with attacker discovery times as short as 7 to 13 hours, emphasizing the urgency of secure configurations.
• Notable trends include the proliferation of cloud-native vulnerabilities such as critical cross-tenant flaws, the exploitation of legacy services like IMDSv1, and insights into threat actor activities like UNC2903 targeting cloud metadata services, underscoring the importance of secure cloud management practices.
• Analysis of multi-cloud usage shows most organizations operate predominantly within a single cloud provider, with AWS being the primary platform for 62% of customers, and most workloads concentrated in a few large accounts—highlighting the continued dominance of AWS and the complexity of managing multi-cloud environments.
• Data on cloud services indicates extensive adoption of managed databases (over 90%), especially PostgreSQL, Redis, and MySQL, with a significant portion of companies deploying both managed and unmanaged databases, illustrating diverse database strategies in cloud ecosystems.
• Overall, reports underscore an evolving threat landscape characterized by sophisticated attack techniques, increasing cloud service complexity, and persistent configuration vulnerabilities, emphasizing the need for robust cloud security practices.