Unmasking Backend Cloud Security: Your Data's Hidden Risks #shorts

And what's going on in the back end with your applications? You know, you connect to these applications with SSO, you see the front end, it's really nice and clean, you have access to your data, right? Now, what's going on behind the hood? You've got who has access to your data from the back end, your cloud security or your cloud service providers, um the code is hosted in GitHub, GitLab, some other code repository. There's a CICD pipeline, that's continuous integration, continuous deployment. So, everybody likes to use Kubernetes, deploy his code, all this other stuff. All this stuff is going on in the background and thousands and thousands of open source libraries, log for shell, that you don't know about, that you're

not managing. All of this stuff is going on behind the hood. And in in a zero trust environment, how do you determine access? Your your identity provider, whether it's Okta, Azure AD, Duo, one of these, generally they have users, groups, and applications and you you have a user and then based on what groups they're a member of, they can access applications. Well, a user can be member of more than one group. A lot of times, a group can be a member of a group. And so, and then applications are determining these accesses and it's never as clear-cut as you'd like it to be. And so, sometimes people will come to you and ask a question to say, "Hey, this

account was compromised. I need a list of every single application this user could access." That's not always as easy of a question to answer as it really should be. Or, you know, list me everybody who is an admin of this application, same thing. This group is an admin, but this group contains this group, which contains this other group, and you just go down these rabbit holes to answer these very what should be very simple questions.