As cybersecurity professionals, we are always stressing the importance of patch management as one of the best ways to protect systems against vulnerabilities. Sometimes, the vulnerabilities are never fully exploited. Regardless of how likely the threat is, patching is one of the easiest ways to ensure a minimum level of security in an organization. The best part about patching a system is that it is very easy to compare its patch level against the manufacturer’s recommendations.

Configuration Management

One of the areas of security that is more easily overlooked is configuration management. If a system’s configuration is changed, the change can often go unnoticed: there are often no alarms that would be set off, no manufacturer’s warning, and no recommended standard level to compare against. This is why configuration management is so important for determining whether any configuration drift has occurred. Configuration management is applicable not only to security professionals but also to all areas of IT management as well as to DevOps.

Contextualizing the Problem

According to one source, some organizations have admitted to a large number of known misconfiguration discoveries. More worryingly, some have reported that there are probably unknown misconfigurations, as well. This is the new “low hanging fruit” for cloud-based attacks as well as for malicious techniques like exploiting unsecured storage containers, crypto-jacking, and discovering exposed sensitive databases. That’s probably why Gartner predicted that misconfigurations would account for 80% of cloud breaches by 2020, as reported by Forbes.

Misconfigurations in the cloud are already having an impact, however. We’ve already seen attackers leverage them against big targets like Equifax and Microsoft Azure. We’ve also seen data breaches tied to cloud misconfigurations carry quite a price tag. As reported by TechRepublic, 196 such incidents exposed more than 33 billion records and …