Report by ReliaQuest

Too Much Trust: The Danger of Over-Privileged Cloud Identities

6 FINDINGSPublished Nov 4, 2025
View Original Report →

Key Findings

44% of true-positive security alerts from cloud security tools in Q3 2025 were driven by identity-related weaknesses.

ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·6mo ago
Cloud SecurityIdentity ManagementSecurity alerts

52% of all confirmed identity-based alerts were due to identity-related privilege escalation.

ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·6mo ago
Cloud SecurityIdentity Management

99% of cloud identities were found to be over-privileged, creating significant security risks.

ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·6mo ago
Cloud SecurityIdentity Management

33% of raw CSPM alerts were identity-related, contributing to the operational burden on security teams.

ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·6mo ago
Cloud SecurityIdentity ManagementCSPM

As of October 2025, there are over 14,700 Jenkins servers exposed to the internet that remain vulnerable to CVE-2024-23897.

ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·6mo ago
VulnerabilitiesCloud Security

71% of critical vulnerability alerts in Q3 2025 originated from just four legacy CVEs.

ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·6mo ago
VulnerabilitiesCloud SecurityCVEs