Content, Channel partners, Content

Sumo Logic Research: Multi-Cloud Security Findings

Share

The coronavirus (COVID-19) pandemic has led global organizations to increasingly adopt Amazon Web Services (AWS) and other cloud services. It also has required many organizations to reconsider how they secure their cloud workloads and provide access to them, according to "The Continuous Intelligence Report: The State of Modern applications, DevSecOps and the Impact of COVID-19" from security information and event management (SIEM) provider Sumo Logic.

Key findings from Sumo Logic's report included:

  • Multi-cloud adoption has increased 70 percent year-over-year.
  • On average, an AWS application has as many as 26 services, up from 15 last year, and is deployed across two or more regions and two or more accounts.
  • 88 percent of organizations choose Kubernetes to build and operate applications across multiple clouds.
  • 63 percent of AWS customers have adopted AWS CloudTrail, 35 percent have adopted VPC Flow Logs and 18 percent have adopted Amazon GuardDuty, so they can both leverage cloud security technologies and consume available cloud data sources.
  • Nearly one-third of AWS customers use some kind of threat intelligence service.
  • Command & control, exfiltration and execution tactics are among those most commonly used by cybercriminals against AWS customers; these tactics account for 95 percent of Sumo Logic's global intelligence for CloudTrail and GuardDuty.
  • Redis is the leading database used in AWS.
  • CloudFront is the leading content-delivery network used in AWS.

Collaboration between DevOps and security teams is crucial for organizations, particularly those that are employing remote workers during the pandemic, Sumo Logic stated. With collaboration between these teams, organizations can gain security analytics and insights and use them to find ways to optimize end-to-end software development and delivery processes.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.