Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Ask The Experts

9/10/2019
07:00 AM
Beyond the Edge
Beyond the Edge
Ask the Experts

What Are the First Signs of a Cloud Data Leak?

Most cloud data breaches leave only trace signs of malfeasance, so it can be tricky.



Question: What are the first signs of a cloud data leak?

Josh Stella, co-founder and CTO of Fugue: Many cloud breaches are only discovered when data appears on the Dark Web or hackers make mistakes. Unfortunately, this can be extremely challenging. Most cloud data breaches leave only trace signs of malfeasance, such as a handful of API calls in logs that can be found, and many of those API calls look a lot like normal operations on the cloud. Be on the lookout for unusual List and Read operations in your API call logs — particularly for data that isn't usually directly listed or read during normal production operations. The key to stopping cloud-based data breaches is to prevent cloud misconfiguration in the first place.

What do you advise? Let us know in the Comments section, below.

Do you have questions you'd like answered? Send them to [email protected].

 

Beyond the Edge content is curated by Dark Reading editors and created by external sources, credited for their work. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
AnonZero
50%
50%
AnonZero,
User Rank: Apprentice
9/10/2019 | 8:49:28 AM
Run an Access Advisor report
Knowing which AWS services your roles, groups, users, or policies have access to is a good start to IAM permission management. An easy way to check is to run an Access Advisor report. See how at https://www.awspsblog.org/
Cartoon Contest: Bedtime Stories
Flash Poll