There are many places to find backward-looking statistics of how many attacks were launched in cyberspace. Forward-looking guidance areas that security managers should focus on are harder to find. In times of economic uncertainty, it is even more critical for security teams to prioritize resources to increase effectiveness and efficiency in dealing with known threats while also minimizing the risk from emerging attacks.
The problem today is that there are too many tools, too little integration among them, and more noise than a team can analyze and understand – all of which add up to less visibility into threats and less efficient security teams. Automation is supposed to solve the “tool fatigue” problem, surfacing the most critical issues by running playbooks against common threats and freeing up valuable resources for other tasks. However, expectations for automation have outpaced its capabilities to drastically reduce human intervention in security monitoring.
Aqua's security research team, Nautilus, analyzed 16,371 attacks on container and cloud native infrastructure which occurred over a period of 1 year, between June 2019 and July 2020. This research aims to present the entire kill-chain of attacks against cloud native environments. Based on the attacks against our honeypots, this research publication provides a cohesive analysis. By examining the trends and behaviors identified in the past attacks, we are able to predict how this threat landscape will continue to morph, arming you with knowledge and tools to protect your environment.