Cloud container vulnerabilities soar, Skybox Security finds


Skybox Security releases mid-year update to its 2019 Vulnerability and Threat Trends Report, analysing what’s shaping the threat landscape so far this year

Skybox Security, a global leader in cybersecurity management, has announced the release of the mid-year update to its 2019 Vulnerability and Threat Trends Report, analysing the vulnerabilities, exploits and threats in play over the first half of 2019.

The report, compiled by the team of security analysts at the Skybox Research Lab, aims to help organisations align their security strategy with the reality of the current threat landscape.

Among the key findings of the report is the marked growth of vulnerabilities in cloud containers. Containers, which create a distinction between virtual servers hosted on a shared machine, have seen vulnerabilities increase by 46% in the first half of 2019 compared to the same period in 2018 and 240% compared to 2017 H1 figures.

“Cloud technology and adoption has obviously skyrocketed, so it’s no surprise that vulnerabilities within cloud technology will increase,” said Skybox Director of Threat Intelligence, Marina Kidron. “What is concerning, though, is that as these are published, the race is on for attackers to develop an exploit because launching a successful attack on a container could have much broader consequences. Compared to other technology, containers can be more numerous and quickly replicated. The attack footprint could expand rapidly and the number of victims may be extremely high.”

“Container vendors put a great deal of attention to securing their products in the first place,” said Amrit Williams, VP of products. “But that also means reporting vulnerabilities when discovered. It’s critical that customers have a way to spot those vulnerabilities even as their environment may be changing frequently.

“They also need to assess those vulnerabilities’ exploitability and exposure within the hybrid network and prioritise them alongside vulnerabilities from the rest of the environment — on prem, virtual networks and other clouds.”

Also notable in the report is a decline in the total number of vulnerabilities published. Over the last two years, the total number of new vulnerabilities has outstripped that of any previous year.

However, the number of vulnerability reports in 2019 H1 declined by 13% when compared to the same period last year. Still, the current figures are historically high, and it seems annual totals of around 15,000 new CVEs will be the new norm.

“More than 7,000 new vulnerabilities were discovered in the first half of 2019 — that’s still significantly more than figures we’d see for an entire year pre-2017. So organisations are likely still going to be drowning in the vulnerability flood for some time,” said Ron Davidson, Skybox CTO and VP of R&D.

“Roughly a tenth of these have an exploit available and just 1% are exploited in the wild. That’s why it’s so critical to weave in threat intelligence into prioritisation methods and of course consider which vulnerable assets are exposed and unprotected by security controls.”

 
