- Cloud
- Tenable Cloud Security
Tenable Cloud Security Risk Report 2025
Discover critical exposures in data, workloads and AI – and learn how to protect your organization.
The Tenable Cloud Security Risk Report 2025 delivers in-depth insights into the most pressing security challenges organizations face. Based on an extensive analysis of real-world cloud environments, this report uncovers critical exposures in data security, workload protection, identity management and AI security.
In 2025, the biggest trends in cloud security risks:
- Exposed sensitive data
- Secrets in risky locations
- Toxic combinations still plaguing workloads
Unmask hidden cloud risk
Dive into the report today.
Key Takeaways
Sensitive data at risk
Discover the prevalence of exposed sensitive data and secrets within public cloud storage, and understand the immediate risks they pose to your data security posture.
Secrets aren’t safe
Over half of organizations using Amazon Web Services (AWS) ECS task definitions have at least one secret residing there — creating a dangerous exposure path in cloud infrastructure entitlements.
Good news for cloud workload protection
While the percentage of organizations with toxic cloud trilogies — workloads that are publicly exposed, critically vulnerable and highly privileged — fell nine points to 29%, this level of risk exposure remains alarmingly high and demands immediate cloud identity management.
Cloud security's hidden traps: Are you exposed?
Based on real-world telemetry, the Tenable Cloud Security Risk Report 2025 exposes the dangerous intersection of public access and sensitive data, along with the ongoing challenges of securing identities and AI workloads, all while acknowledging improvements in some key security areas.
Unmasking real-world cloud risks in 2025
Equip yourself with the latest intelligence on emerging cloud risks.