Home / Companies / Datadog / Blog / Post Details
Content Deep Dive

Fix key cloud security risks with version 2 of the Essential Cloud Security Controls Ruleset

Blog post from Datadog

Post Details
Company
Date Published
Author
Nick Frichette, Katie Knowles, Ryan Simon, Tim Gonda
Word Count
4,806
Company Posts That Month
13
Language
English
Hacker News Points
-
Summary

The Essential Cloud Security Controls (ECSC) ruleset is a set of cloud security controls designed to help security teams prioritize their efforts and improve their security posture. The ECSC v2 includes an updated list of detections for each major cloud provider, including AWS, Azure, and Google Cloud, as well as support for Kubernetes. This allows cloud security teams to quickly identify which clusters they defend are at risk and work to remediate them. The ruleset is based on industry best practices, the risk of significant impact, and their potential to have prevented a known breach. It includes controls such as restricting public access to S3 buckets, disabling FTP deployments, and using secure authentication methods for Kubernetes API servers. The ECSC v2 also introduces support for Kubernetes, allowing cloud security teams to identify and remediate vulnerabilities in their containerized applications.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Kubernetes 18 1,439 188 73 +22%
Serverless 5 441 120 76 -21%
Secrets Management 1 612 99 50 -47%