"Cloud Security Alerts Take Six Days to Resolve"

Security researchers at Palo Alto Networks are warning that cloud security teams are exposing their organization to potential days of elevated cyber risk by failing to deal promptly with alerts.  During the study, the researchers found that security teams take 145 hours, or around six days, on average, to resolve a security alert, with 60% of organizations taking longer than four days.  Previous Palo Alto research revealed that threat actors often begin exploiting a newly disclosed vulnerability within hours, leaving a potentially lengthy window of exposure for many firms.  The researchers stated that although unpatched vulnerabilities are by no means the only source of such alerts, they are a popular target for threat actors.  The researchers noted that almost two-thirds (63%) of codebases in production have unpatched vulnerabilities rated high or critical, and more than one in 10 (11%) hosts exposed in public clouds feature high severity or critical bugs.  The researchers stated that in a cloud environment, a single vulnerability in the source code can be replicated to multiple workloads, posing risks to the entire cloud infrastructure.  The researchers noted that many of these vulnerabilities appear in open-source packages, with the complexity of code dependencies making it challenging to find and patch them.  Around half (51%) of codebases depend on more than 100 open-source packages, but just a quarter (23%) of packages are directly imported by developers.  The rest (77%) of the required packages, which often contain bugs, are introduced by “non-root packages” or dependencies.  During the study, the researchers also found that cloud users make the same mistakes repeatedly.  Just 5% of security rules trigger 80% of the alerts, meaning that if organizations can prioritize remediating things like unrestricted firewall policies, exposed databases, and unenforced multi-factor authentication (MFA), they could drive security ROI.
 

Infosecurity reports: "Cloud Security Alerts Take Six Days to Resolve"

Submitted by Anonymous on