Bridgecrew, a developer-first platform that codifies cloud security, recently published the State of Open Source Terraform Security report. The company utilized open-source Infrastructure-as-Code (IaC) static analysis tool Checkov. One of the key findings reveals that modules used to provision AWS resources are most likely misconfigured.
Bridgecrew, a developer-first platform that codifies cloud security, recently published the State of Open Source Terraform Security report. To scan around 2,600 Terraform modules within public and open source Terraform Registry, the company utilized open-source Infrastructure-as-Code (IaC) static analysis tool Checkov. One of the key findings reveals that modules used to provision AWS resources are most likely misconfigured.
Emphasizing that Terraform is thriving, the report states that there has been a dramatic rise in module contributions within Terraform Registry in Q2 2020. However, as IaC security may not be a top priority for the community, 48% of these modules are misconfigured. Guy Eisenkot, co-founder and VP of product, Bridgecrew, said, "At a time when organizations are embracing DevSecOps principles more and more, we were surprised by the gaps in security coverage and awareness at the IaC level."
The report highlighted that the majority of Checkov checks failed because the engineering teams did not define modules' optional arguments for enhancing data security and traceability. The checks were categorized according to the classifications defined by Center of Internet Security (CIS), applicable across cloud providers.
Pointing out the lack of awareness about defining logging at the IaC level, the report has shown that the backup and recovery category was the most common failing check category with 81% of failing checks. Logging and encryption took the 2nd and 3rd place, respectively. With the AWS modules, more than half of checks in these categories failed.
When looking at the Registry module downloads, over 15 million downloads contained misconfigured resources. Clarifying that these misconfigurations do not represent a risk, the report explained that the impact is on organizations' overall compliance posture. The report further concluded that out of the top ten most downloaded modules, eight contain misconfigurations. The most downloaded misconfigured modules include top-rated and widely used services such as AWS RDS, AWS EKS, AWS ELB, and AWS IAM.
Mismanagement of multi-cloud expense costs an arm and leg to business and its management has become a major pain point. Here we break down some crucial tips to take some of the management challenges off your plate and help you optimize your cloud spend.
DevOps and Cloud computing are joined at the hip, now that fact is well appreciated by the organizations that engaged in SaaS cloud and developed applications in the Cloud. During the COVID crisis period, most of the organizations have started using cloud computing services and implementing a cloud-first strategy to establish their remote operations. Similarly, the extended DevOps strategy will make the development process more agile with automated test cases.
Storing and managing corporate data by applying the cloud is becoming more and more popular. Companies grow, and it gets too expensive, and resources consuming to store their data on traditional servers. To prove it, look at the research conducted by Google in 2019 that includes insights for the cloud computing market for the next 10 years.
Cloudflare, an American web-infrastructure and website-security company, recently introduced a cloud-based network-as-a-service solution for the enterprise workforce called Cloudflare One. The solution provides secure, fast, reliable, cost-effective network services, integrated with leading identity management and endpoint security providers.
To move or not to move? Benefits are multifold when you are migrating to the cloud. Get the correct information to make your decision, with our cloud engineering expertise.