Open services leave business networks exposed

As cloud environments become more and more common the extra risks are mostly well understood but a new blog from Orca Security shows that businesses could be leaving their networks open via common configuration errors. The use of external CI/CD (continuous integration/continuous delivery) services means access control lists (ACLs) are often changed but this can inadvertently leave internal services open to the world argues Avi Shua, CEO and co-founder of Orca Security. Although your CI/CD vendor may be reputable, opening them up on your ACL though may mean implicitly trusting all their customers too. The Atlassian Bitbucket service, for example,… [Continue Reading]