{"id":53048,"date":"2023-08-03T13:24:04","date_gmt":"2023-08-03T13:24:04","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34866\/These-Are-The-Top-Five-Cloud-Security-Risks-Qualys-Says.html"},"modified":"2023-08-03T13:24:04","modified_gmt":"2023-08-03T13:24:04","slug":"these-are-the-top-five-cloud-security-risks-qualys-says","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/","title":{"rendered":"These Are The Top Five Cloud Security Risks, Qualys Says"},"content":{"rendered":"<p><strong>Cloud security specialist Qualys has provided its view of the top five cloud security risks, drawing insights and data from its own platform and third parties.<\/strong>\n<\/p>\n<p>The five key risk areas are misconfigurations, external-facing vulnerabilities, weaponized vulnerabilities, malware inside a cloud environment, and remediation lag (that is, delays in patching).\n<\/p>\n<p>The 2023 Qualys Cloud Security Insights report (<a href=\"http:\/\/10048132b82008548f7cdc51f1e0b6df5b15a16754fbc67cab04324a4c16d77c\" target=\"_blank\" rel=\"noreferrer noopener\">PDF<\/a>) provides more details on these risk areas. It will surprise no-one that misconfiguration is the first. As long ago as January 2020, the <a href=\"https:\/\/www.securityweek.com\/nsa-shares-guidance-mitigating-cloud-vulnerabilities\/\">NSA warned<\/a> that misconfiguration is a primary risk area for cloud assets \u2013 and little seems to have changed. Both Qualys and the NSA cite misunderstanding or avoidance of the concept of shared responsibility between cloud service providers (CSP) and cloud consumers is a primary cause of misconfiguration.\n<\/p>\n<p>\u201cUnder the shared responsibility model,\u201d explains Utpal Bhatt, CMO at Tigera, \u201cCSPs are responsible for monitoring and responding to threats to the cloud and infrastructure, including servers and connections. They are also expected to provide customers with the capabilities needed to secure their workloads and data. The organization using the cloud is responsible for the protection of workloads running in the cloud. Workload protection includes secure workload posture, runtime protection, threat detection, incident response and risk mitigation.\u201d\n<\/p>\n<p>While CSPs provide security settings, the speed and simplicity of deploying data to the cloud often lead to these controls being ignored, while compensating consumer controls are inadequate. Misunderstanding or misusing the delineation of shared responsibility leaves cracks in the defense; and Qualys notes \u201cthese security \u2018cracks\u2019 can quickly open a cloud environment and expose sensitive data and resources to attackers.\u201d\n<\/p>\n<p>Qualys finds that misconfiguration (measured against the CIS benchmarks) is present in 60% of Google Cloud Platform (GCP) usage, 57% of Azure, and 34% of Amazon Web Services (AWS).\n<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/08\/Cloud-misconfigurations-1024x546.png\" alt class=\"wp-image-34562\" width=\"768\" height=\"410\" srcset=\"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/08\/Cloud-misconfigurations-1024x546.png 1024w, https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/08\/Cloud-misconfigurations-360x192.png 360w, https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/08\/Cloud-misconfigurations-768x410.png 768w, https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/08\/Cloud-misconfigurations.png 1488w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\"><\/figure>\n<\/div>\n<p>Travis Smith, VP of the Qualys threat research unit, suggests, \u201cThe reason AWS configurations are more secure than their counterparts at Azure and GCP can likely be attributed to the larger market share\u2026 there is more material on securing AWS compared to other CSPs in the market.\u201d<\/p>\n<div class=\"zox-post-ad-wrap\"><span class=\"zox-ad-label\">Advertisement. Scroll to continue reading.<\/span><\/div>\n<p>The report urges greater use of the Center for Internet Security (CIS) benchmarks to harden cloud environments. \u201cNo organization will deploy 100% coverage,\u201d adds Smith, \u201cbut the [CIS benchmarks mapped to the MITRE ATT&amp;CK tactics and techniques] should be strongly considered as a baseline if organizations want to reduce the risk of experiencing a security incident in their cloud deployments.\u201d\n<\/p>\n<p>The second big risk comes from external facing assets that contain a known vulnerability. Cloud assets with a public IP can be scanned by attackers looking for vulnerabilities. Log4Shell, an external facing vulnerability, is used as an example. \u201cToday, patches exist for Log4Shell and its known secondary vulnerabilities,\u201d says Qualys. \u201cBut Log4Shell is still woefully under remediated with 68.44% of detections being unpatched on external-facing cloud assets.\u201d\n<\/p>\n<p>Log4Shell also illustrates the third risk: weaponized vulnerabilities. \u201cThe existence of weaponized vulnerabilities is like handing anyone a key to your cloud,\u201d says the report. Log4Shell allows attackers to execute arbitrary Java code or leak sensitive information by manipulating specific string substitution expressions when logging a string. It is easy to exploit and ubiquitous across clouds.\n<\/p>\n<p>\u201cLog4Shell was first detected in December 2021 and continues to plague enterprises globally. We have detected one million Log4Shell vulnerabilities, with a mere 30% successfully fixed. Due to complexity, remediating Log4Shell vulnerabilities takes, on average, 136.36 days (about four and a half months).\u201d\n<\/p>\n<p>The fourth risk is the presence of malware already in your cloud. While this doesn\u2019t automatically imply \u2018game over\u2019, it will be soon if nothing is done. \u201cThe two greatest threats to cloud assets are cryptomining and malware; both are designed to provide a foothold in your environment or facilitate lateral movement,\u201d says the report. \u201cThe key damage caused by cryptomining is based on wasted cost of compute cycles.\u201d\n<\/p>\n<p>While this may be true for miners, it is worth remembering that the miners found a way in. Given the efficiency of information sharing in the dark web, that route is likely to become known to other criminals. In August 2022, Sophos <a href=\"https:\/\/www.securityweek.com\/cyberattack-victims-often-attacked-multiple-adversaries-research\/\">reported<\/a> on \u2018multiple adversary\u2019 attacks, with miners often leading the charge. \u201cCryptominers,\u201d Sophos told <em>SecurityWeek<\/em> at the time, \u201cshould be considered as the canary in the coal mine \u2013 an initial indicator of almost inevitable further attacks.\u201d\n<\/p>\n<p>In short, if you find a cryptominer in your cloud, start looking for additional malware, and find and fix the miner\u2019s route in.\n<\/p>\n<p>The fifth risk is slow vulnerability remediation \u2013 that is, an overlong patch timeframe. We have already seen that Log4Shell has a remediation time of more than 136 days, if it is done at all. The same general principle will apply to other patchable vulnerabilities.\n<\/p>\n<p>Effective patching quickly lowers the quantity of vulnerabilities in your system and improves your security. Statistics show that this is more effectively performed by some automated method. \u201cIn almost every instance,\u201d says the report, \u201cautomated patching proves to be a more effective remediation path than hoping manual efforts will effectively deploy critical patches and keep your business safer.\u201d\n<\/p>\n<p>For non-Windows systems, the effect of automated patching is an 8% improvement in the patch rate, and a two-day reduction in the time to remediate.\n<\/p>\n<p>Related to the remediation risk is the concept of technical debt \u2013 the continued use of end-of-support (EOS) or end-of-life (EOL) products. These products are no longer supported by the supplier \u2013 there will be no patches to implement, and future vulnerabilities will automatically become zero day threats unless you can otherwise remediate.&nbsp;\n<\/p>\n<p>\u201cMore than 60 million applications discovered during our investigation are end-of-support (EOS) and end-of-life (EOL),\u201d notes the report. Furthermore, \u201cDuring the next 12 months, more than 35,000 applications will go end-of-support.\u201d\n<\/p>\n<p>Each of these risks need to be prioritized by defense teams. The speed of cloud use by consumers and abuse by attackers suggests that wherever possible defenders should employ automation and artificial intelligence to protect their cloud assets. \u201cAutomation is central to cloud security,\u201d comments Bhatt, \u201cbecause in the cloud, computing resources are numerous and in constant flux.\u201d\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/google-cloud-now-offering-1-million-cryptomining-protection\/\">Google Cloud Now Offering $1 Million Cryptomining Protection<\/a>\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/survey-shows-reasons-cloud-misconfigurations-are-many-and-complex\/\">Survey Shows Reasons for Cloud Misconfigurations are Many and Complex<\/a>\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/qualys-flags-gaping-security-holes-exim-mail-server\/\">Qualys Flags Gaping Security Holes in Exim Mail Server<\/a>\n<\/p>\n<p><strong>Related<\/strong>: <a href=\"https:\/\/www.securityweek.com\/most-weaponized-vulnerabilities-of-2022-and-5-key-risks-report\/\">Most Weaponized Vulnerabilities of 2022 and 5 Key Risks: Report<\/a>\n<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34866\/These-Are-The-Top-Five-Cloud-Security-Risks-Qualys-Says.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":53049,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[968],"class_list":["post-53048","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlineflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>These Are The Top Five Cloud Security Risks, Qualys Says 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"These Are The Top Five Cloud Security Risks, Qualys Says 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-03T13:24:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/08\/Cloud-misconfigurations-1024x546.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"These Are The Top Five Cloud Security Risks, Qualys Says\",\"datePublished\":\"2023-08-03T13:24:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/\"},\"wordCount\":1059,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/these-are-the-top-five-cloud-security-risks-qualys-says.png\",\"keywords\":[\"headline,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/\",\"name\":\"These Are The Top Five Cloud Security Risks, Qualys Says 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/these-are-the-top-five-cloud-security-risks-qualys-says.png\",\"datePublished\":\"2023-08-03T13:24:04+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/these-are-the-top-five-cloud-security-risks-qualys-says.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/these-are-the-top-five-cloud-security-risks-qualys-says.png\",\"width\":1024,\"height\":546},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/these-are-the-top-five-cloud-security-risks-qualys-says\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"These Are The Top Five Cloud Security Risks, Qualys Says\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"These Are The Top Five Cloud Security Risks, Qualys Says 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/","og_locale":"en_US","og_type":"article","og_title":"These Are The Top Five Cloud Security Risks, Qualys Says 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-08-03T13:24:04+00:00","og_image":[{"url":"https:\/\/www.securityweek.com\/wp-content\/uploads\/2023\/08\/Cloud-misconfigurations-1024x546.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"These Are The Top Five Cloud Security Risks, Qualys Says","datePublished":"2023-08-03T13:24:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/"},"wordCount":1059,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/08\/these-are-the-top-five-cloud-security-risks-qualys-says.png","keywords":["headline,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/","url":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/","name":"These Are The Top Five Cloud Security Risks, Qualys Says 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/08\/these-are-the-top-five-cloud-security-risks-qualys-says.png","datePublished":"2023-08-03T13:24:04+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/08\/these-are-the-top-five-cloud-security-risks-qualys-says.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/08\/these-are-the-top-five-cloud-security-risks-qualys-says.png","width":1024,"height":546},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/these-are-the-top-five-cloud-security-risks-qualys-says\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineflaw\/"},{"@type":"ListItem","position":3,"name":"These Are The Top Five Cloud Security Risks, Qualys Says"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53048","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=53048"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53048\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/53049"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=53048"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=53048"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=53048"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}