As cloud adoption continues to accelerate, so do the questions facing security teams: Where is our sensitive data? Who can access it? And are we doing enough to protect it?
To help answer those questions, Wiz Research analyzed hundreds of thousands of cloud accounts across organizations of all sizes. The resulting report—Cloud Data Security Snapshot: Current Exposure Trends—uncovers the most common data exposure risks and misconfigurations found today, with a sharp focus on where toxic combinations of access and data are creating real risk.
Here’s a preview of what we found.
Sensitive data is hiding in plain sight
Virtual machines and serverless instances are often core parts of cloud infrastructure—and surprisingly often, they’re also exposed to the public internet while containing sensitive data. We found that 54% of cloud environments have exposed VMs and serverless instances containing sensitive information like PII or payment data.
Even more concerning: 35% of cloud environments have VMs or serverless instances that both expose sensitive data and are vulnerable to high- or critical-severity threats.
This is more than a misconfiguration problem: targeting these high-impact overlaps of exposure and exploitability is an opportunity to dramatically reduce breach potential.
Public doesn’t always mean dangerous—but context matters
Publicly accessible resources are a normal part of cloud operations. But 72% of cloud environments have publicly exposed PaaS databases lacking access controls, raising the risk that sensitive data could be unintentionally exposed. With the right context, teams can differentiate between acceptable public assets and those that pose a genuine threat—and prioritize action accordingly.
Containers still need attention
Despite years of innovation in container security, 12% of cloud environments still have containers that are both publicly exposed and exploitable via known vulnerabilities.
It’s a reminder that continuous monitoring and good hygiene are essential in even the most mature cloud-native environments.
Get the report
Misconfigurations, exposure, and over-permissioned accounts are still common. But they’re not inevitable. By focusing on the right context—what’s exposed, what’s vulnerable, and what’s sensitive—security teams can get ahead of potential incidents and build a more resilient cloud environment.
Explore the full report to see how security teams are using DSPM to turn visibility into action, and risk into results.