CSA CCM AIS-04

Define and implement an SDLC process for application design, development, deployment, and operation in accordance with security requirements defined by the organization.

Mappings

Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name

AIS-04 | Secure Application Design and Development | mitigates | T1606.001 | Web Cookies
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats.

AIS-04 | Secure Application Design and Development | mitigates | T1528 | Steal Application Access Token
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. Adversaries can steal application access tokens as a means of acquiring credentials. Application access tokens are used to make authorized API requests on behalf of a user or service and are commonly used as a way to access resources in cloud and container-based applications. The SSDLC process should ensure that applications, APIs, and application access tokens are securely created and protected in their cloud environments.

AIS-04 | Secure Application Design and Development | mitigates | T1550.001 | Application Access Token
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. Adversaries can steal and use application access tokens as a means of acquiring credentials. Application access tokens are used to make authorized API requests on behalf of a user or service and are commonly used as a way to access resources in cloud and container-based applications. The SSDLC process should ensure that applications, APIs, and application access tokens are securely designed, developed, and protected in their cloud environments.

AIS-04 | Secure Application Design and Development | mitigates | T1550 | Use Alternate Authentication Material
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. By stealing alternate authentication material, adversaries are able to bypass system access controls and authenticate to systems without knowing the plaintext password or any additional authentication factors. The use of secure coding techniques to implement token binding allows applications and services to cryptographically bind their security tokens to the TLS layer to mitigate token theft.

AIS-04 | Secure Application Design and Development | mitigates | T1212 | Exploitation for Credential Access
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. Adversaries may exploit software vulnerabilities in an attempt to collect credentials. Secure coding and secure configurations can prevent exploitation of known web application vulnerabilities used by attackers to access stored credentials.

AIS-04 | Secure Application Design and Development | mitigates | T1195.001 | Compromise Software Dependencies and Development Tools
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. Adversaries may manipulate the source code of open-source dependencies in order to deliver malicious code to users of the dependency. The SSDLC should validate open-source components to prevent the use of malicious or vulnerable dependencies.

AIS-04 | Secure Application Design and Development | mitigates | T1552.005 | Cloud Instance Metadata API
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. Adversaries may attempt to access the Cloud Instance Metadata API to collect credentials and other sensitive data. The SSDLC process should ensure that applications and APIs are securely designed, developed, and operated in their cloud environments.

AIS-04 | Secure Application Design and Development | mitigates | T1078.004 | Cloud Accounts
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. Adversaries may query and search through compromised applications to find and obtain insecurely stored credentials. Secure coding practices and secure credential handling may prevent hardcoded or insecurely stored credentials and ensure that those cloud accounts are not compromised.

AIS-04 | Secure Application Design and Development | mitigates | T1552 | Unsecured Credentials
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. Adversaries may query and search through compromised applications to find and obtain insecurely stored credentials. Secure coding practices and secure credential handling may prevent hardcoded or insecurely stored credentials and ensure the use of proper encryption for credentials and application data.

AIS-04 | Secure Application Design and Development | mitigates | T1059 | Command and Scripting Interpreter
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. Adversaries will use T1059 for various command injection attacks through web application interfaces. Securing serverless functions, cloud APIs, and web applications against command injection can help in mitigating this technique.

AIS-04 | Secure Application Design and Development | mitigates | T1190 | Exploit Public-Facing Application
  Comments: This control requires both Cloud Service Providers and customers to implement a Secure Software Development Lifecycle (SSDLC) with security practices throughout the entire application development process to protect cloud-based applications from cyber threats. Adversaries will use T1190 to exploit vulnerabilities in internet-facing web applications, hosts, or systems to gain initial access to a network. Proper input validation and secure coding practices can prevent exploitation of web application vulnerabilities.
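The T1059 and T1190 mappings above both come down to the same secure-coding practice: validate untrusted input and never let it reach a command interpreter. The following is an added example (not part of the CSA mapping or of any project's code) that places a command-injection-prone helper beside its hardened form. The `ping` diagnostic endpoint, the hostname allow-list pattern, and the function names are all assumptions made for illustration.

```python
import re
import subprocess

# Assumption: the web application exposes a "ping this host" diagnostic,
# and `host` arrives straight from an HTTP request parameter (untrusted).

# --- Vulnerable form (T1059 / T1190 exposure) -------------------------------
# Builds a shell command by string interpolation. With shell=True the shell
# parses the whole string, so any shell metacharacter in `host` changes the
# command that runs. Kept here only to show what the hardened form replaces.
def vulnerable_ping_command(host: str) -> str:
    return f"ping -c 1 {host}"          # would be passed to subprocess.run(..., shell=True)


# --- Hardened form -----------------------------------------------------------
# Allow-list validation: RFC-1123-style hostname, labels of alphanumerics and
# hyphens that do not start or end with a hyphen, 253 chars max. A leading
# hyphen is rejected so the value can never be parsed as a ping option.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)"
    r"(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)*"
    r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$"
)


def is_valid_hostname(host: str) -> bool:
    """True only for strings that match the strict hostname allow-list."""
    return bool(HOSTNAME_RE.match(host))


def build_ping_argv(host: str) -> list[str]:
    """Validate input, then return an argv list (no shell involved).

    Raises ValueError on anything outside the allow-list so the caller can
    log the rejected input and return a 400 rather than running anything.
    """
    if not is_valid_hostname(host):
        raise ValueError("rejected host value: not a valid hostname")
    # "--" ends option parsing, so even a future loosening of the allow-list
    # could not turn the value into a ping flag.
    return ["ping", "-c", "1", "--", host]


def ping(host: str) -> subprocess.CompletedProcess:
    """Run the diagnostic with an argv list; shell=False is the default."""
    return subprocess.run(
        build_ping_argv(host),
        capture_output=True,
        text=True,
        timeout=5,
        check=False,
    )


if __name__ == "__main__":
    for candidate in ["example.com", "example.com; id", "-n"]:
        try:
            print(candidate, "->", build_ping_argv(candidate))
        except ValueError as exc:
            print(candidate, "->", exc)
```

The argv form is the fix; the regex is defence in depth that also keeps obviously malformed values out of logs and error pages. In a review, look for `shell=True`, `os.system`, or string-built commands anywhere a request parameter can flow, and treat each one as a finding under this control.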
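The T1552 and T1078.004 mappings both say the SSDLC should prevent hardcoded or insecurely stored credentials. One concrete SSDLC control is a secret scan run over source before it is committed or merged. The block below is an added example, not CSA or ATT&CK material: a minimal scanner for a few well-known credential shapes, run over a constructed source snippet. The pattern set, the sample file contents, and the `Finding` structure are assumptions for illustration; the `AKIAIOSFODNN7EXAMPLE` value is the placeholder access key ID used in AWS documentation, not a real credential.

```python
import re
from dataclasses import dataclass

# Assumption: these three pattern families cover the cases the page names
# (cloud account keys, private keys, hardcoded passwords/tokens). A real
# pipeline would carry a much larger, maintained rule set.
SECRET_PATTERNS = {
    # AWS access key IDs are 20 chars starting with AKIA (public, documented format).
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    # PEM private key header.
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    # name = "literal" where the name looks credential-like and the literal is
    # at least 8 chars. Reading from os.environ or a secret manager does not
    # match, because there is no quoted literal on the right-hand side.
    "hardcoded_password": re.compile(
        r"(?i)(password|passwd|secret|api_key|token)\s*[:=]\s*['\"][^'\"]{8,}['\"]"
    ),
}


@dataclass(frozen=True)
class Finding:
    line_no: int
    kind: str
    excerpt: str   # masked so the scanner's own output does not leak the secret


def mask(match_text: str, keep: int = 4) -> str:
    """Keep a short prefix for triage and hide the rest."""
    return match_text[:keep] + "*" * max(0, len(match_text) - keep)


def scan_source(text: str) -> list[Finding]:
    """Return one Finding per (line, pattern) hit, in file order."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in SECRET_PATTERNS.items():
            m = pattern.search(line)
            if m:
                findings.append(Finding(line_no, kind, mask(m.group(0))))
    return findings


def gate_commit(text: str) -> bool:
    """SSDLC gate: True means the change may proceed (no secrets found)."""
    return not scan_source(text)


# Constructed sample source for the demo (not from any real repository).
# Lines 2 and 3 are the insecure patterns; line 4 is the secure alternative.
SAMPLE_SOURCE = """\
import os
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
db_password = "hunter2hunter2"
api_token = os.environ["API_TOKEN"]
"""


if __name__ == "__main__":
    for f in scan_source(SAMPLE_SOURCE):
        print(f"line {f.line_no}: {f.kind}: {f.excerpt}")
    print("commit allowed:", gate_commit(SAMPLE_SOURCE))
```

Wire `gate_commit` into a pre-commit hook or a CI step so the control is enforced rather than advisory; the masked excerpt keeps the scanner's log output from becoming a second copy of the credential. Remediation is the pattern on line 4 of the sample: read the value from the environment or a secrets manager at runtime, and rotate any credential the scanner has already caught in history.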