Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Cloud Risk Report 2024

38% of organizations have at least one critically exposed cloud workload – with a toxic cloud trilogy of:

  • publicly exposed
  • critically vulnerable
  • highly privileged
 

Identifying blind spots, searching for context and addressing the toxic cloud trilogy.

As cloud infrastructure complexity increases and threat landscape targets rapidly shift, new and significant security gaps are emerging. Among these, the "toxic cloud trilogy" presents one of the most critical risks. The Tenable Cloud Risk Report 2024 dives deeply into this challenge and others, offering insights into the real and sometimes surprising risks confronting cloud environments – and ways to address them.

Your go-to cybersecurity report for critical insights this year.

Dive into the Tenable Cloud Risk Report today.

 

Uncovering the Toxic Trilogy

38% of organizations have high risk workloads

Critical exposure of cloud workloads

Many global breaches in 2024 were caused by one-day vulnerabilities on exposed workloads, with some of the most severe involving lateral movement through compromised workload privileges.

84% of organizations have risky access keys

IAM and credential vulnerabilities

Discovery is key. Discover, inventory and assess all assets and their vulnerabilities across your infrastructure- from IT to OT, container, web apps and identity systems.

23% of cloud identities have critical or high severity excessive permissions

Prevalence of excessive permissions

Our research revealed extensive instances of — and issues with — excessive permissions in both human and non-human identities.

74% of organizations have publicly exposed storage assets

Cloud storage risks

As organizations expand their use of cloud-native applications, the amount of cloud-stored sensitive data —like customer info, employee records and business IP—grows. This makes cloud data a prime target for hackers - and highlights the need to examine exposure.

78% of organizations have publicly accessible Kubernetes API servers

Kubernetes security challenges

As container adoption grows, with Kubernetes as the leading orchestrator, new security challenges arise that demand specialized expertise and deep knowledge of Kubernetes complexities.

80% of workloads had unremediated critical CVE

Unmanaged cloud vulnerabilities

Discovery is key. Discover, inventory and assess all assets and their vulnerabilities across your infrastructure- from IT to OT, container, web apps and identity systems.

Know your weaknesses. Expose your gaps. Close your true exposures fast.

Explore the most pressing threats and discover effective strategies to protect your cloud infrastructure from potential breaches.

Tenable's cloud exposure icon
Tenable's Cloud Risk Report 2024 cover image

This year's essential cybersecurity report you can't afford to miss.

Access the full report now.

Download now

Related resources

 
Press release

Tenable Cloud Risk Report Sounds the Alarm on Toxic Cloud Exposures Threatening Global Organizations

 
Solution

Data Security Posture Management (DSPM)

 
Blog

Who’s Afraid of a Toxic Cloud Trilogy?