Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The cloud has transformed collaboration. Teams now share documents, slides, spreadsheets, and more in real time, without worrying about content silos or email chains (a hotspot for inefficient sharing). For most files, it’s seamless. But here’s the reality: Not all work lives comfortably in the cloud. Designers, video editors, engineers, and data scientists are just a few of the professionals who depend on desktop native apps to do their best work.

We have just released the 2025 State of Cloud Security study, where we analyzed the security posture of thousands of organizations using AWS, Azure, and Google Cloud. In particular, we found that: In this post, we provide key recommendations based on these findings, and we explain how you can use Datadog Cloud Security to improve your security posture.

If you attended AWS re:Invent last year, it probably felt like there was an AI solution for everything. Models, copilots, agents; by the end, someone had to pitch an AI solution to summarize all of the other AI solutions. This year, it may still feel like the AI announcements multiply faster than the models themselves. Under all of the hype, one message still resonates: AI innovation only works when it’s built on a secure foundation.

CyberArk introduces Access Requests for Secure Cloud Access: Secure, seamless user experience for requestors and approvers alike. Securing and requesting access to multiple clouds can feel like navigating through a maze of approvals and endless tool-switching. In an ideal world, access requests would provide users with frictionless, just-in-time access across AWS, Azure, and Google Cloud from within their existing platform.

Breaking down the trade-offs between API integration and proxy gateways for modern access management The way organizations manage access has fundamentally shifted. In the past, infrastructure was mostly static—centralized data centers, long-lived servers, and predictable traffic patterns. You could rely on VPNs, firewalls, and a fixed set of roles in your identity provider. Access paths were clear, and change was infrequent. But that’s no longer the case.

New details are emerging about a wave of intrusions into Amazon Web Services environments. Attackers are reportedly weaponizing AWS IAM, using it to validate stolen credentials and turn identity controls into a springboard for in-cloud abuse. According to new research from Fortinent, attackers are leveraging the open source TruffleHog tool to automate testing of stolen AWS credentials in what they are calling the TruffleNet infrastructure.

When it comes to managing cloud application usage in an organization, the challenges are anything but simple. On one side, users are constantly exposed to malicious links and risky apps. On the other, locking things down too tightly by broadly blocking access to services can cripple employee productivity. Ideally, you'd want a balance between security and productivity.

AWS re:Inforce 2025 delivered a flood of security announcements back in June. Simplified AWS WAF consoles. New Shield network posture management. Integrated CloudFront security. The headlines promised that enterprise-grade security finally became accessible to mid-market companies. Six months later, the hype cycle is over.

Key Takeaways Cloud misconfiguration is the silent epidemic destroying enterprise security. While organizations accelerate cloud adoption across cloud environments, Gartner analysis shows that through 2025, 99% of cloud security failures have been the customer’s fault, primarily due to misconfigurations. For decision-makers, this represents a critical business risk that demands immediate strategic attention.