Your security environment is complicated. You’re invested in multiple security tools – antivirus, firewalls, IDS, IPS, SIEM, DLP, and more. If you haven’t invested in a red team, however, you’re doing security wrong. How could you know that your expensive defenses are working unless you’ve tested them out?
Think of the last time you logged into your network. Let’s assume that you used a traditional VPN, with a traditional IAM scheme underneath. This isn’t a bad assumption, because 25% of all internet traffic goes over a VPN.
Bad news for cloud proponents! The security firm Skyhigh Networks reports that 7% of Amazon S3 buckets are set to unrestricted public access, meaning that anyone with a link to the server can read it.