Infrastructure-as-code security issues could put cloud platforms everywhere at risk

zeeforce
3 Min Read




  • Security researchers discussed vulnerabilities in Infrastructure-as-code (IaC)
  • There are a number of different ways crooks could abuse the systems
  • Issues also share defense mechanisms and workarounds

Security issues with infrastructure-as-code (IaC) and policy-as-code (PaC) specialized tools could put entire platforms, everywhere, at risk, experts have warned.

A report from cybersecurity researchers at Tenable have revealed how certain tools used to help manage cloud infrastructure and policies, such as Terraform and Open Policy Agent (OPA), could be hijacked and put to malicious use.



Source link

Share This Article
Leave a comment
Optimized by Optimole
Verified by MonsterInsights