12/28/2023 0 Comments Visualize and attack![]() Read the full report to see the most common and concerning misconfigurations. 92% of the misconfigurations were in the dependent charts.For charts with dependencies, 62% of the misconfigurations come from the dependent charts.99.9% of all Helm charts contained misconfigurations.Using Helm Scanner (and in the same vein as our previously published Helm security research series), we analyzed over 3k Helm charts and 9k YAML files on Artifact Hub for misconfigurations. Read the full report to see the most commonly found misconfigurations across each cloud provider and more. 64% of the downloaded templates by volume contained at least one high or critical insecure configuration. ![]() 49% of the templates contained at least one critical or highly insecure configuration.63% of the scanned templates contained one or more insecure configurations.Using Checkov, we analyzed over 4k Terraform templates and 38k Terraform files in popular open-source Terraform repositories for misconfigurations. Watch the session on the findings below or keep reading for some highlights from that data. The research, collated in the Unit 42 Cloud Threat Report, 2H 2021, combines findings from a red team exercise and data gleaned from Bridgecrew’s open-source research tools. We recently collaborated with our friends at Unit 42 to dive deeper into the world of software supply chain attacks and the role misconfigurations and vulnerabilities play in them.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |