Vulnerabilities & Misconfigurations: Two Sides Of The Same Cloud-Native Risk Coin

Recorded September 28, 2022

View a Complimentary Live Webinar Sponsored by Prisma Cloud by Palo Alto Networks

DevOps and the rise of cloud-native technologies are changing the way we build modern applications. They’re also changing the attack surface. Open-source packages, infrastructure as code (IaC) resources, container images, and delivery pipelines can create a web of interdependencies. When one of those components contain weaknesses, attackers can chain them together to move laterally within an application to gain privileged access to sensitive data, or to inject malicious code that can be used in an exploit. 

In this webinar, we’ll cover an example of a software supply chain attack that chains infrastructure misconfigurations with known vulnerabilities, using the notorious Log4j flaw as a catalyst. Attendees will walk away with a better understanding as to why a proactive, defense-in-depth approach to cloud-native security is necessary and some tips for getting cohesive coverage across entire cloud-native application stacks—from code to cloud and application to infrastructure.