The “great cloud migration” is looking different than how it was originally touted, with few organizations hosting all their applications exclusively on public cloud platforms. Almost all operate a hybrid infrastructure mixing public cloud, private cloud, and on-premises environments. While that mix continues to change and morph—a dynamic that raises security concerns by itself—security threats against applications are increasing in frequency and severity.
Compounding these threats is alarmingly low organizational preparedness for multi-cloud security, poor visibility into security weaknesses of their own APIs (as well as third-party APIs and code), and insufficient protections against application DDoS attacks.