Home » Cybersecurity » Cloud Security » 6 Critical Areas of Cloud-Native Security That Are Influential in 2022

6 Critical Areas of Cloud-Native Security That Are Influential in 2022

by Tripwire Guest Authors on March 27, 2022

Cloud computing has emerged as the go-to organizational workload choice because of its innate scalability and flexibility. However, cloud computing still comes with some security risks. Examining cloud security is an important part of adopting this new technology.

Presently, cloud-native security is experiencing changes and innovations that help address security threat vectors. These areas are of significant importance for security professionals, software developers, and information technology specialists.

Secret Credential Management

Cloud-based applications use many application tools, micro-services, and privileged accounts to function. In many cases, each area requires keys and passwords necessary for application-to-application and application-to-database communication. However, without a strong secret credential management strategy, administrators and developers can find themselves unprepared in the case of a security incident. Secret credentials can include the usual, often mundane password rules, all the way up to security keys, tokens, access codes, and even physical secrets. While a general business plan is essential to forming and growing a business, a security plan that also includes the security of technical information (such as key and password management) is an effective way to reduce risk.

It’s important that the management of secret credentials is automated, rather than manual. Manually generating secrets can lead to human error and leave gaps in your security that cybercriminals can exploit. An administrator may create keys or passwords that are easy to remember, but this also makes it easy for criminals to gue s s them too.

When managing secrets, it’s important to keep in mind that third party software may need access to these secrets in order to integrate correctly into your workflow. Even if all of your internal tools are secure, insecure third-party tools can represent a huge hole in your security.

DevOps tools may have access to several resources and orchestration software, which can also pose a (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tripwire Guest Authors. Read the original post at: https://www.tripwire.com/state-of-security/security-data-protection/cloud/6-critical-areas-of-cloud-native-security-that-are-influential-in-2022/

March 27, 2022March 28, 2022 Tripwire Guest Authors api, Cloud, credentials, Featured Articles, iam, posture, social engineering, supply chain

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Fortinet® Follies