Security teams need a new mindset to keep up with the risks created by modern devops practices in the cloud.
Visibility into attack paths and a vulnerability’s blast radius is required to truly manage security risks. Teams need to evaluate and prioritize vulnerabilities based on their potential impact to the business, with insight into the risks unique to the host. For example, if you don’t know every identity on your workload and what access their permissions allow, you can’t see which vulnerabilities could lead to an over permissioned identity with crown-jewel data access.
