What Are the Security Risks Using IaC Templates?


In their most recent Cloud Threat Report, Palo Alto Networks’ Unit 42 global threat intelligence researchers completed an industry-first study of infrastructure as code (IaC) templates. While the name implies something deeply technical (the topic certainly can be), these templates are simply a new way of creating cloud infrastructure through code. They are building blocks for creating compute, storage, networking, security policy or just about anything in a cloud environment.

DevOps teams have rapidly adopted these templates as a way to automate the building of cloud infrastructure as well as increase the pace of feature delivery. However, there is a catch. Unit 42 researchers found over 200,000 insecure templates in use. The implications for businesses using IaC are profound.

Matt Chiodi, Chief Security Officer of Public Cloud at Palo Alto Networks, shares his thoughts.