Our cloud environment spans 3 providers, 40+ SaaS tools, and hundreds of APIs. The attack surface extends way beyond what we own. How do you get full visibility?
Posted by Infamous_Horse@reddit | ExperiencedDevs | View on Reddit | 4 comments
Trying to map our actual attack surface and its overwhelming. We run workloads across AWS, Azure, and GCP. We integrate with 40+ SaaS tools. Hundreds of APIs connect everything. Most of those saas vendors now have AI embedded that we never approved.
Our security tools cover what we directly own and operate. Thats maybe 60% of the actual surface. The other 40% is basically third party APIs, vendor integrations, embedded AI in SaaS, open source dependencies is basically invisible to us.
Last month a vulnerability in a thirdparty API we integrate with wouldve given an attacker a path into our production environment, found it during an unrelated review. Our tooling never flagged it because it doesnt see beyond our own infrastructure.
What’s working to get visibility across multi cloud, SaaS integrations, and thirdparty risk? Would really make my life simper if there was one tool that handled it all
ExperiencedDevs-ModTeam@reddit
Rule 9: No Low Effort Posts, Excessive Venting, or Bragging.
Using this subreddit to crowd source answers to something that isn't really contributing to the spirit of this subreddit is forbidden at moderator's discretion. This includes posts that are mostly focused around venting or bragging; both of these types of posts are difficult to moderate and don't contribute much to the subreddit.
Watchful1@reddit
That's interesting. Two days ago you posted that you didn't work for a company and did independent audits.
LeadingPokemon@reddit
Depends what persona he’s feeding the author that day!
AnonimasPaberzis@reddit
treat apis as any user input. Filter the input.
For 3rd party libs, use package manager tools to check for vulnerabilities and minor updates. Make devs update the packages frequently