threats . Understanding the typical phases of attack can feed into building a proactive cloud threat model . For example , initial access is gained by exploiting publicfacing applications , exploiting trusted relationships , or discovering valid accounts in cloud environments .
Persistence is where an attacker takes steps to ensure they can return at will . At the same time , privilege escalation is a common goal to access valid accounts or to manipulate role assignments . Alongside this , attackers will often use access to seek out other resources that may be vulnerable . Following this , collection and exfiltration see data moved to a location under the attacker ’ s control .
Cloud threat modelling across the attacker ’ s entire lifecycle will unveil potential vulnerabilities and establish proactive security mitigations . Next , let ’ s look at three core pillars for mitigation .
Pillar # 1 – Identity and Access
Identity and access management defines who needs access to what and controls
Security teams must use advanced controls and develop dynamic processes for evaluating security to ensure success .
INTELLIGENT TECH CHANNELS 39