2023年云安全报告（英）.docx

资源ID：1155769 资源大小：519.21KB 全文页数：34页
资源格式： DOCX 下载积分：7金币

快捷下载

账号登录下载

微信登录下载

三方登录下载：

扫码关注公众号登录

下载资源需要7金币

邮箱/手机：
温馨提示：	快捷下载时，如果您不填写信息，系统将为您自动创建临时账号，适用于临时下载。如果您填写信息，用户名和密码都是您填写的【邮箱或者手机号】（系统自动生成），方便查询和重复下载。如填写123，账号就是123，密码也是123。
支付方式：
验证码：	换一换

加入VIP,免费下载

账号：
密码：
验证码：	换一换
当日自动登录忘记密码？

友情提示

1、下载资料失败解决办法

2、PDF文件下载后，可能会被浏览器默认打开，此种情况可以点击浏览器菜单，保存网页到桌面，就可以正常下载了。

3、本站不支持迅雷下载，请使用电脑自带的IE浏览器，或者360浏览器、谷歌浏览器下载即可。

4、本站资源下载后的文档和图纸-无水印,预览文档经过压缩，下载后原文更清晰。

5、试题试卷类文档，如果标题没有明确说明有答案则都视为没有答案，请知晓。

网站客服

侵权投诉

2023年云安全报告（英）.docx

THESTATEOFCLQUfi-NATIVESECURITY2023REPORTTHEONLYCONSTANTISCHANGEFewcanrelatetotheadagelikecloudsecurityprofessionals.Cloudsecurityisdynamicandunpredictable,butthemovetohybridworkhasacceleratedchangeandincreasedthecomplexityOfapplicationsecurity.Ascloud-nativeapplicationdevelopmentevolves,sotoodoorganizations7cloudinfrastructure(80%Ofsurveyrespondentssaytheircloudinfrastructureisevolving).Whatzsmore,thecloudhaschangedtheapplicationslifecycle,withDevOpsnowdeliveringproductioncodeatwarpspeedandsecuritypersonnelstrugglingtokeeppace.Morethan75%ofrespondentsfromthisyear'ssurveyaredeployingneworupdatedcodetoproductionweekly,andalmost40%arecommittingnewcodedaily.Addtothattheratiooftendevelopersforeverysecurityprofessional1,2andthepotentialforchallengesinscaleandcomplexityarenotdifficulttounderstand.Incontrasttoon-premenvironments,cloudcomputingfollowsasharedresponsibilitymodel.Responsibilityfortheinfrastructure(e.g.zcompute,networking,andstorage)isheldwiththecloudserviceprovider(CSP)andresponsibilityforsecurityissharedbetweentheCSPandtheircustomers.Butthesharingstopswhenitcomestoresponsibilityforcustomers'applications,data,andaccessmanagement.Organizations'securityanddevelopmentteamsownthisresponsibilityandmustcollaboratetosuccessfullysecuretheircloudenvironments.Toequiptheseteamswiththeresourcestheyneed,itrsnecessarytounderstandthechallengestheyface(whetheremergentorperennial),thesolutionstheyuse,andtheeffectivenessofsolutionsinhelpingthemmeettheirresponsibilities.Howareorganizationschoosingsecuritytools,andhowarethosetoolsbeingoperationalized?Whichpracticesareproducingthebestsecurityoutcomes,andwhicharehamperingefforts?Weexploredthesequestionsandothersinourannualmulti-industrysurveyonthestateofcloud-nativesecurity.IOCBDabonalOMtlOokHandbOOkSofwarcDCVdoPCfQMaliwA¾auraccAndIYsts.andTc¾tcr¾.BUrCdUOfLaborStatiSUCU2BUreaUOfLabOrStaUsties,QeCuPationalOUUaakHandbDak-InfafmatiOnSeCUfityAnalysts,BUreaUOfLabOrStatisticsWHATDIDWEFIND?Shift-left security is accelerating.Decisions on tooling have become clouded by complexity.Collaboration across teams is essential to better security outcomes.Sinceunaddressedvulnerabilitiescanbeexploitedinproduction,itzscriticaltocatchandfixthesevulnerabilitiesearlyintheapplicationdevelopmentlifecycle.Oursurveyrevealedthatrisksintroducedearlyinapplicationdevelopmentarethe#1concern.Knownvulnerabilities,embeddedmalware,andsensitivedata,suchassecretsorconfigurationdata,aresomeexamplesofearlyrisks.Tocatchemergentthreatsupstream,securityteamsturntotoolssuchascodereposcanning,softwarecompositionanalysis(SCA)zandregistryscanning.Overwhelmedbytheproliferationofdiscretetoolingoptions,morethan75%ofrespondentsreportedthattheirorganizationstrugglestoidentifywhichsecuritytoolscanhelpthemmeettheirneeds.Thesheernumberandroleofeachdiscretetoolcanpresentoperationalheadachesandfurtherisolatesiloszoftencreatingblindspotsinanorganization'ssecurityposture.Unliketraditionalsecurity,thecloudrequiresuserstounitedisparateteamsaroundacommongoal.Todothis,organizationsneedtobeintentionalaboutbreakingdownsilos.Oursurveyshows81%ofenterpriseshaveembeddedsecurityprofessionalsintheirdevelopmentandoperationsteam.Fromhere,organizationsmuststayattunedtofrictionasitarisesanddevelopasecurityarchitecturethatinspiresconfidenceanddoesn'tslowDevOpsprocessesdown.TABLEOFCONTENTSExecutiveSummaryKeyFindingsiiIntroduction1HowEnterprisesAreMigratingtotheCloud2ApplicationVelocityinCloud-NativeEnterprises6CloudComplexity7ImplicationsforSecurityTeams8HowEnterprisesAreApproachingSecurity12HowApplicationDevelopersAreShapingSecurity14ThePathForward15Recommendations17ThethirdannualStateofCloud-NativeSecurityReportexaminestheevolvingsecuritypractices,toolszandtechnologiesthatorganizationsaroundtheworldareemployingtotakeadvantageofcloudservicesandnewapplicationtechstacks.FieldedfromNovember21toDecember14z2022,thesurveygathereddatafrom2z500-plusrespondentsinsevencountries,includingtheUnitedStates,Australia,Germany,France,Japan,Singapore,andtheUnitedKingdom. Allmajorindustrieswereincludedinthesample,withrepresentationfromconsumerproductsandservices,energyresourcesandindustrials,financialservices,healthcare,technology,media,andtelecommunications. Morethan50%ofthesamplecamefromenterprise-sizedorganizations(over$1Binannualrevenue).oRespondentsweresplitevenlybetweenexecutiveleadershipandpractitioner-levelrolestounderstandsentimentsbroadlyacrossorganizations.Practitioner-Ievelrespondentswererestrictedtothosewhoworkindevelopment,ITorinformationsecurityfunctions. Allrespondentsreportedthemselvesknowledgeableandfamiliarwiththeirorganization'scloudoperationsandcloudsecurityandweresourcedfromprofessionalsurveypanels.PaloAltoNetworkspartneredwithTheFoSSiCkerGroUD,amajoritywoman-owned,full-serviceresearchfirm,onallelementsofthisyear'sreport,includingsurveydesign,fieldwork,analysis,narrative,datavisualizations,andreportdesign.CLOUDMIGRATIONISSTILLGROWINGSimila

注意事项

本文（2023年云安全报告（英）.docx）为本站会员（王**）主动上传，优知文库仅提供信息存储空间，仅对用户上传内容的表现方式做保护处理，对上载内容本身不做任何修改或编辑。若此文所含内容侵犯了您的版权或隐私，请立即通知优知文库（点击联系客服），我们立即给予删除！

温馨提示：如果因为网速或其他原因下载失败请重新下载，重复下载不扣分。