STOCK TITAN

Datadog Releases 2023 State of Cloud Security Report

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Neutral)
Tags
Rhea-AI Summary
Datadog, Inc. (NASDAQ: DDOG) - Datadog's new report, The State of Cloud Security 2023, reveals that long-lived credentials are a common cause for cloud security breaches. The report also highlights issues with multi-factor authentication, insufficient adoption of AWS IMDSv2, excessively privileged cloud workloads, and risks posed by publicly exposed virtual machines. Jeremy Garcia, VP of Technical Community and Open Source at Datadog, emphasizes the need for continuous scanning and fixing of misconfigurations and vulnerabilities to avoid breaches.
Positive
  • Cloud security posture has significantly improved as providers deliver more secure defaults on their platforms and as organizations gain a greater understanding of security risks.
Negative
  • None.

Report finds that long-lived credentials remain a common cause for cloud security breaches 

NEW YORK, Nov. 15, 2023 /PRNewswire/ -- Datadog, Inc. (NASDAQ: DDOG), the monitoring and security platform for cloud applications, today released its new report, The State of Cloud Security 2023. Datadog analyzed security posture data from thousands of organizations using AWS, Azure or Google Cloud for the report, focusing particularly on understanding how organizations approach and mitigate common risks that frequently lead to documented public cloud security incidents.

The report found that organizations still face significant challenges when it comes to securing their cloud environments. Long-lived credentials, in particular, continue to be a widespread problem. These types of credentials are widely regarded as insecure, not only because they never expire but also because they can easily be leaked in source code, container images or configuration files. They remain one of the most common causes of security breaches in the cloud.

Other key findings from the report include:

  • Multi-factor authentication (MFA) is not proactively enforced: In October 2023, 20.3% of IAM users that had authenticated to the AWS Console had done so without using MFA and 20.7% of Azure AD users that had authenticated had done so without MFA.
  • Adoption of AWS IMDSv2 is rising but still insufficient: Although it's critical to protect against server-side request forgery attacks in AWS, only 21% of EC2 instances enforce IMDSv2, up from 7% last year.
  • A substantial portion of cloud workloads are excessively privileged: 37% of Google Cloud VMs and 23% of EC2 instances have sensitive permissions that would allow an attacker to gain privileged access or wide data access in a cloud environment.
  • Publicly exposed virtual machines pose a risk to cloud environments: 7% of EC2 instances, 3% of Azure VMs and 12% of Google Cloud VMs have at least one port allowing traffic from the internet, leaving them at risk of brute-force attacks.

"Cloud security posture has significantly improved as providers deliver more secure defaults on their platforms and as organizations gain a greater understanding of security risks," said Jeremy Garcia, VP of Technical Community and Open Source at Datadog. "However, there is still a lot of work to be done. Issues like long-lived credentials, MFA adoption and public VM exposure can be difficult to identify, prioritize and fix. The best defense, along with a deeper awareness of security risks, is to continuously scan for and fix misconfigurations and vulnerabilities so that breaches can be avoided before they happen."

The State of Cloud Security 2023 is available now. For the full results, please visit: https://www.datadoghq.com/state-of-cloud-security/. To learn how Datadog helps companies secure their cloud environments, visit: https://www.datadoghq.com/product/cloud-security-management/.

About Datadog

Datadog is the observability and security platform for cloud applications. Our SaaS platform integrates and automates infrastructure monitoring, application performance monitoring, log management, real-user monitoring, and many other capabilities to provide unified, real-time observability and security for our customers' entire technology stack. Datadog is used by organizations of all sizes and across a wide range of industries to enable digital transformation and cloud migration, drive collaboration among development, operations, security and business teams, accelerate time to market for applications, reduce time to problem resolution, secure applications and infrastructure, understand user behavior, and track key business metrics.

Forward-Looking Statements

This press release may include certain "forward-looking statements" within the meaning of Section 27A of the Securities Act of 1933, as amended, or the Securities Act, and Section 21E of the Securities Exchange Act of 1934, as amended including statements on the benefits of new products and features. These forward-looking statements reflect our current views about our plans, intentions, expectations, strategies and prospects, which are based on the information currently available to us and on assumptions we have made. Actual results may differ materially from those described in the forward-looking statements and are subject to a variety of assumptions, uncertainties, risks and factors that are beyond our control, including those risks detailed under the caption "Risk Factors" and elsewhere in our Securities and Exchange Commission filings and reports, including the Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission on May 5, 2023, as well as future filings and reports by us. Except as required by law, we undertake no duty or obligation to update any forward-looking statements contained in this release as a result of new information, future events, changes in expectations or otherwise.

Contact
Dan Haggerty
press@datadoghq.com

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/datadog-releases-2023-state-of-cloud-security-report-301989329.html

SOURCE Datadog, Inc.

FAQ

What are the key findings from Datadog's report on The State of Cloud Security 2023?

The report highlights issues with long-lived credentials, multi-factor authentication, insufficient adoption of AWS IMDSv2, excessively privileged cloud workloads, and risks posed by publicly exposed virtual machines.

How can organizations improve cloud security based on the report?

Jeremy Garcia, VP of Technical Community and Open Source at Datadog, emphasizes the need for continuous scanning and fixing of misconfigurations and vulnerabilities to avoid breaches.

Where can the full results of The State of Cloud Security 2023 be found?

The full results of the report are available at https://www.datadoghq.com/state-of-cloud-security/.

Datadog, Inc.

NASDAQ:DDOG

DDOG Rankings

DDOG Latest News

DDOG Stock Data

49.83B
304.06M
2.84%
81.31%
3.35%
Software - Application
Services-prepackaged Software
Link
United States of America
NEW YORK