A Cloud Workload Protection Platform – Buyers Guide
When cloud resources are publicly accessible, whether by design, misconfiguration, or compromise, they come under the scrutiny of threat actors. Such scrutiny is fully automated, as threat actors programmatically search for victims. In February 2023, SentinelOne researchers observed IceFire double-extortion ransomware attacks targeting public, internet-facing Linux cloud infrastructure of large enterprises. By exploiting a critical input deserialization vulnerability (CVE-2022-47986) in a file-sharing application running on the targeted server, threat actors were able to gain access and perform a remote code execution (RCE) attack. This resulted in a complete compromise of the system.