InfoWorld Security
Cloud engineering and security teams need to ask some important questions about the security of their cloud environments, and they must go well beyond whether or not environments are passing compliance audits.
Within minutes of your adding a new endpoint to the internet, a potential attacker has scanned it and assessed its exploitability. A single cloud misconfiguration could put a target on your organization’s back—and put your data at risk.
Assume for a moment that an attacker finds one of these vulnerabilities and gains an initial foothold in your environment. What is the blast radius of this penetration? What kind of damage could they do?
Read the original article: