LATEST INTELLIGENCE
PRESENTED BY
CLOUD SECURITY RISK REPORT 2025
Introduction
Cloud Security is a significant and growing aspect of our customers’ security programs, as captured in our Cloud & Container Attack & Defend blog series. This report examines five key risk themes observed thus far in 2025 across this series. We capture the challenge space, showcase examples of activity that have been observed, and guide how SentinelOne is aiding our customers in their efforts to prevent these attacks.
The 5 key risks explored in this document are:
Cloud credential theft
Due to their ability to enable and expand an attack’ s scope, targeting cloud credentials is an initial or early step for many cloud breaches. A top trend this year is the use of info stealers targeting cloud and container credentials.
Lateral movement in the cloud
After Initial Access, threat actors look to discover and move laterally to environments that offer them their desired scope of impact, whether that’ s ransomware deployment, resource theft, or sensitive data discovery. A top trend is the emergence of sophisticated threats that traverse cloud environments, originating from or pivoting to on-premises environments.
Vulnerable cloud storage
While misconfigured cloud object storage has long been a source for data breaches, threat actors are increasingly focused on accessing and abusing cloud object storage in new ways. Their intentions have changed from a historical focus on pure data exfiltration to targeting as a source for further credential harvesting and even ransomware. •
20
INTELLIGENT CIO LATAM www. intelligentcio. com