Report by ReliaQuest
Too Much Trust: The Danger of Over-Privileged Cloud Identities
6 FINDINGSPublished Nov 4, 2025
View Original Report →Key Findings
44% of true-positive security alerts from cloud security tools in Q3 2025 were driven by identity-related weaknesses.
ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·Nov 4, 2025
Cloud SecurityIdentity ManagementSecurity alerts
52% of all confirmed identity-based alerts were due to identity-related privilege escalation.
ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·Nov 4, 2025
Cloud SecurityIdentity Management
99% of cloud identities were found to be over-privileged, creating significant security risks.
ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·Nov 4, 2025
Cloud SecurityIdentity Management
33% of raw CSPM alerts were identity-related, contributing to the operational burden on security teams.
ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·Nov 4, 2025
Cloud SecurityIdentity ManagementCSPM
As of October 2025, there are over 14,700 Jenkins servers exposed to the internet that remain vulnerable to CVE-2024-23897.
ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·Nov 4, 2025
VulnerabilitiesCloud Security
71% of critical vulnerability alerts in Q3 2025 originated from just four legacy CVEs.
ReliaQuestToo Much Trust: The Danger of Over-Privileged Cloud Identities ·Nov 4, 2025
VulnerabilitiesCloud SecurityCVEs