Why does it seem so hard to consistently deploy secure application infrastructure in the public cloud? Gartner predicts that by 2025, 99% of cloud security breaches will be the customer’s fault. The majority of the problems stem from the insecure configuration of application infrastructure and vulnerabilities in container images.
These insecure configurations can range from setting a wrong access control list on an Amazon S3 bucket or deploying an Amazon Relational Database Service (RDS) instance that is not encrypted, to configuring a Kubernetes app manifest to spin up containers as root. In addition, many enterprises today use some sort of infrastructure as code (IaC) mechanism – Terraform, CloudFormation, Azure Resource Manager (ARM) templates or Kubernetes app manifests – to rapidly deploy resources to multiple cloud environments, which can create insecure configurations at scale if not validated before deployment.
To read more click on the link https://blog.paloaltonetworks.com/2020/03/cloud-devops-plugins/