In response to reports that show a high percentage of IaC template misconfigurations in cloud deployments that leave them vulnerable to attack, an expert from Cerberus Sentinel offers perspective.
A new report shows a high percentage of IaC template misconfigurations in cloud deployments that leave them vulnerable to attack: https://t.co/EWf5e0TJdC pic.twitter.com/DP3xChwuSc
— CompTIA (@CompTIA) February 5, 2020
While many consider infrastructure code as somehow less critical than application code, this report highlights that nothing could be further from the truth. In reality, the same culture and discipline (code reviews, automated testing, etc) must be used on infrastructure code as is used on application code, for very similar reasons: failure to appreciate the implications and act accordingly creates a real security risk to both the infrastructure and the applications that infrastructure is supporting.