Supply chain risks from Cloud Security Posture Management
Cloud security posture management services (CSPMSs) support security efforts in the industry by providing more convenient ways of detecting misconfigurations, threats, and vulnerabilities in the cloud. The capabilities of a CSPMS depend on the level of access assumed by these management tools or services. A CSPMS may obtain access to everything, including keys, secrets, environment variables, certificates, and sensitive data or files, because of the nature of the privileges it assumes before it scans the cloud environment. CSPMS clients are often naive about the nature of the privileges these services or tools assume, the amount of sensitive data they collect, and the supply chain risks associated with implementing them. Consequently, they often roll out default configurations or policies prescribed by vendors with little or no regard for supply chain risks, since these are sold to them as read-only policies. This thesis investigates supply chain risks associated with CSPMSs and how least-privilege principles can be used to mitigate such risks, using comparative studies, experimentation, and analysis of the default permissions of some existing CSPM services.