Credenciais de longa duração lideram problemas de segurança na nuvem

[{"selector":"#anim-5d13112d-b3f4-40dd-a910-09e02cb0565d","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-a8d2440e-c521-4a47-b91e-309f3180b777","keyframes":{"transform":["translate3d(-109.81012%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}]

[{"selector":"#anim-05352e3d-67a1-4b61-bdc4-0cfc99412fb9","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-f8e86288-c161-4444-a1f6-901a1f873124","keyframes":{"transform":["translate3d(-115.18988%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-664c91d8-1ebf-41b5-ac8e-786b76eaa0a6","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-dddb6756-2469-4d43-996b-0a5601fbd245","keyframes":{"transform":["translate3d(106.23701%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] As credenciais que não expiram são identificadas como o principal problema de segurança na nuvem, segundo relatório da Datadog

[{"selector":"#anim-d2d65213-a08e-420e-9e92-b2b623b48ab5","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-505d09e0-b27f-4793-98bb-7f84ebc983dc","keyframes":{"transform":["translate3d(0px, -139.46361%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] 46% das organizações ainda utilizam usuários não-gerenciados com credenciais de longa duração, aumentando o risco à segurança

[{"selector":"#anim-99593728-dd10-4cc8-9f9f-42a3f040ab8b","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-c5cc3179-5e75-4eb5-a54c-1b9406388cef","keyframes":{"transform":["translate3d(-115.89405%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-fae59f1a-0238-4a86-88cc-db795d50699e","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-3cf29152-74c0-483c-aae8-3025f326bb75","keyframes":{"transform":["translate3d(105.58252%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Credenciais não gerenciadas abrem brechas para vazamentos frequentes em código-fonte, logs, artefatos de aplicativos e imagens de contêineres

[{"selector":"#anim-05b06496-4654-4d6a-90eb-0c968d10db5b","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-58c30476-d82c-4faa-8d57-ab2c48aaa3a1","keyframes":{"transform":["translate3d(0px, 456.70505%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Especialistas sugerem a adoção de autenticação moderna, monitoramento de APIs e uso de credenciais de curta duração para mitigar riscos

[{"selector":"#anim-748aea94-132e-420f-894e-f2646b74df08","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-5c38acc0-0d6f-4180-bfb0-7e76a95a739c","keyframes":{"transform":["translate3d(-115.18988%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-2cdfd5ab-9eef-44f2-a78e-1ecfe5ebe7d8","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-421dcf4b-7d86-4360-9975-976137dc9dce","keyframes":{"transform":["translate3d(72.14953%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Além disso, outro problema é que muitas credenciais de longa duração são antigas, com 62% das contas de serviço do Google Cloud e 60% dos usuários do AWS IAM tendo chaves com mais de um ano

[{"selector":"#anim-16a17c9e-5b43-4f12-89f2-fc940dc6cdd3","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-7a7b48fe-dad1-474c-b57a-02bea1c20dc8","keyframes":{"transform":["translate3d(0px, -294.63606%, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-f6390489-70f8-4c48-ba8b-3f2b2b0238f0","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-ff7a3c10-d58d-4405-a431-e0cb3ab53c09","keyframes":{"transform":["translate3d(-7.69231%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-542bc50d-944e-49e0-b941-757ce2d434a7","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-8fd4cd60-942c-44da-b540-fb96a2e99230","keyframes":{"transform":["translate3d(7.27651%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Embora as configurações seguras em ambientes de nuvem estejam melhorando, credenciais arriscadas continuam a ser um ponto de entrada para invasores

Confira a matéria completa:

[{"selector":"#anim-ea8a7bd5-c1ee-42db-82e6-f5b2ff816092","keyframes":{"opacity":[0,1]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-fde14793-b697-48ba-b5c9-7476f81d01ee","keyframes":{"transform":["translate3d(-123.04965%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":600,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] Acesse