Cloud Security Report – Spring 2014
In this Edition
This annual publication documents Alert Logic’s comparative analysis of the state of security across customer cloud and on-premises infrastructures.
This year’s report also features an additional research tool: Cloud Honeypots. Using honeypots deployed in public cloud infrastructures around the world, Alert Logic researchers have gained valuable insights related to attack trends in the cloud.
A honeypot is a decoy system configured to be intentionally vulnerable, deployed to gather information about attackers and their exploitation methods. While honeypots are not typically the target of highly sophisticated attacks, they are subject to many undefined attacks, and provide a window into the types of threats being launched against the cloud.
WHY USE HONEYPOTS
Honeypots allow researchers to:
Collect new and emerging malware
Indentify the source of the attacks
Determine attack vectors
Build a profile of the target industry if using specific industry domains
Honeypots are also deployed in the corporate space to find attacks that hit a particular company and/or industry. These honeypots are built on the edge of a corporate network, and made deliberately vulnerable so that they will be compromised.
- Provides detail on the IP addresses of the source location
- Identifies malware in order to reverse engineer
- Creates signature content for protecting the application stack—network, systems, and application—via IDS, log analytics, and web application firewalls
- Provides insight into the types of attacks and associated characteristics