SentinelOne 2025 Cloud Security Risk Report: In‑Depth Summary — New Threats, Misconfigurations, AI Surfaces & Supply Chain Risks

The SentinelOne Cloud Security Risk Report 2025 paints a detailed and sobering picture of the evolving threat landscape affecting cloud environments across enterprises, government agencies, and critical infrastructure. Drawing from threat intelligence, active attack observations, and industry trends, the report identifies five major risk areas that security teams must urgently address as cloud adoption continues to accelerate and cloud ecosystems grow in both complexity and exposure.

The report’s central thesis is that while cloud infrastructure delivers agility and scalability, organizations are under‑securing critical parts of the cloud attack surface — often due to misconfigurations, leaked credentials, and fragmented security posture management strategies. In many cases, attackers don’t break systems through novel zero‑days; they simply exploit visibility gaps, weak identity controls, or trusted third‑party components.

1. Cloud Credential Theft: The Primary Entry Vector

One of the most persistent and high‑impact threats in cloud environments remains credential compromise and leakage. The report highlights how cloud credential theft — whether through leaks in code repositories, hard‑coded secrets, or stolen tokens — enables attackers to gain privileged access to entire cloud estates.

SentinelOne analysts note:

• Hard‑coded credentials appear repeatedly across public repositories, including tokens for major services.
• Even after developers discover exposed secrets, failure to rotate or decommission them leaves environments vulnerable.
• Cloud infostealers — malware that specifically targets cloud credentials — are resurging and broadening the types of credentials they harvest.

Real‑world examples cited in the report include situations where API keys for large language models (LLMs) were found in public GitHub repositories and remained valid for weeks, giving unauthorized access to private AI services despite disclosure to the account owner.

Once attackers obtain valid credentials — particularly those with powerful roles like admin or provisioning — they can:

• escalate privileges,
• move laterally across cloud services,
• extract sensitive data, and
• launch resource abuse attacks (e.g., cryptomining).

2. Lateral Movement within Cloud Ecosystems

The report emphasizes how attackers increasingly pivot through cloud environments after initial access. Compromised credentials often don’t provide immediate catastrophic impact — but they enable pivot and persistence by:

• abusing default or overly broad IAM (Identity and Access Management) policies,
• modifying native cloud services configurations that control access and logging, and
• combining misconfigurations (like exposed admin APIs and insecure network controls) to penetrate deeper.

SentinelOne’s research shows that attackers often use a combination of misconfigured services and lateral pivoting techniques — such as modifying cloud functions, disabling logging, or injecting malicious workloads — to evade detection and maintain long‑term presence.

This behavior underscores the importance of least‑privilege enforcement, context‑aware access controls, and continuous monitoring of identity use across cloud accounts.

3. Vulnerable Cloud Storage Is Still a Major Source of Data Exposure

Despite repeated warnings over the years, cloud object storage misconfigurations remain a top cause of data breaches. Historically, attackers targeted cloud storage primarily for data exfiltration. The 2025 report notes that threat actors have expanded these tactics to use storage as a credential discovery vector and a stepping stone for deeper attack stages.

Key examples include:

• publicly accessible buckets that contain logs, secrets, or configuration files,
• misconfigured storage tied to development and build pipelines with sensitive tokens embedded, and
• storage exposure that feeds into automated attacks against CI/CD tools.

Because cloud storage is often treated as benign infrastructure — and because legacy or inherited environments may not be audited regularly — attackers can take advantage of lax access policies and inadequate encryption controls to bypass defenses.

4. Cloud Supply Chain Risks — Typosquatting, Slopsquatting & Build Compromises

One of the most strategic insights of the report centers on cloud supply chain threats. As organizations increasingly depend on third‑party libraries, container images, CI/CD tools, and open‑source components, attackers are now targeting the build and deployment pipeline itself.

SentinelOne details growing activity in several areas:

• Typosquatting: malicious packages named similarly to legitimate ones (e.g., lodash vs. loadsh) that get pulled into builds by mistake.
• Slopsquatting: taking advantage of sloppy naming conventions in package registries.
• Toolchain poisoning: injecting malicious code into CI/CD tooling or supply components that are trusted in the deployment path.

Because these compromised components are embedded into containers and workloads across environments — including Kubernetes clusters and serverless stacks — they effectively become a backdoor into otherwise secured systems. Supply chain threats are difficult to detect and often emerge only after widespread adoption of a compromised component.

5. Cloud AI Services: New Attack Surface & Model Risks

The report dedicates a significant section to the risks introduced by artificial intelligence and machine learning workloads in the cloud — especially relevant given enterprise pushes toward generative AI and hybrid cloud deployments.

SentinelOne identifies these key concerns:

• Misconfigurations in AI service provisioning, such as overly permissive access to training data or inference services.
• Threat actors targeting AI APIs and runtime environments to either steal data or manipulate outcomes.
• Model Context Protocol (MCP) vulnerabilities, a specific category where attackers can inject malicious context or data into AI workflows.
• Security challenges around GPU acceleration infrastructure, especially in containerized Kubernetes environments where plugin risk is elevated.

The rapid growth of AI‑driven cloud services — often provisioned faster than security controls can adapt — has created an escalating attack surface. External adversaries are no longer just targeting cloud storage or workloads; they are now weaponizing cloud AI services and APIs themselves.

This trend mirrors broader research showing that AI adoption is outpacing security readiness — with poorly governed identities and excessive permissions now cited as core risk drivers in cloud breaches.

Additional Threat Vectors Identified

Beyond the five core risk themes, the report explores emerging secondary attack vectors affecting cloud security:

• GPU plugin vulnerabilities in Kubernetes setups.
• Exposure of non‑human identities such as API tokens, service accounts, and automation credentials.
• Misconfigured encryption and key management in runtime environments.
• Combining multiple low‑severity misconfigurations into an effective attack chain.

SentinelOne also notes that defenders are often overwhelmed by alert overload, fragmented tools, and static policy controls — leading to fatigue and delayed incident response. According to related research, more than 80% of cloud misconfigurations stem from human error — highlighting that automation alone cannot close cloud risk gaps without cultural and process maturity.

SentinelOne Viewpoint: What Security Teams Must Do Next

The report doesn’t just catalog risk — it frames strategic defensive considerations:

Unified Cloud Visibility

Security teams must break down silos between cloud workloads, identity systems, and endpoint threat telemetry. A fragmented tool stack increases blind spots and slows response time.

AI‑Powered Threat Detection

Given the volume and velocity of cloud events, platforms that leverage AI for real‑time detection, adaptive policy enforcement, and contextual threat scoring are critical to avoid alert fatigue and false positives.

Shift‑Left Security

Incorporating security into DevOps and CI/CD pipelines — especially through SBOM (software bill of materials) tracking, secrets scanning, and pre‑deployment assessments — helps catch supply chain threats before they reach production.

Credential Hygiene & Rotation

Automating secret rotation and expanding identity governance can drastically reduce the window of opportunity for attackers using leaked tokens or credentials.

Secure AI Workloads

Cloud AI service configurations must be standardized with strict access controls, runtime monitoring, and anomaly detection tailored to generative AI and model APIs.

Industry Reaction and Broader Context

External industry research aligns with many of SentinelOne’s findings. Recent studies show that cloud security teams are struggling with overwhelming alert volumes, tool sprawl, and lack of integration between SOC and cloud operations, leading to slower incident responses and detection lapses.

Cloud breaches driven by identity and access management issues — rather than malware itself — account for a significant share of attacks, underscoring that human and process factors remain central in cloud security posture.

Analysts also note that AI services in the cloud are creating new points of vulnerability, with identities tied to automation and machine learning workflows now outnumbering human identities in many environments.

Conclusion: Cloud Security Is Not a Static State — It Must Evolve

The SentinelOne Cloud Security Risk Report 2025 reveals that cloud environments are no longer simple repositories of data or compute resources — they are dynamic, interconnected ecosystems where identity, AI, supply chain, and misconfigurations intersect to create complex risk patterns.

Key priorities for security leaders emerging from the report include:

• moving beyond visibility to actionable context and threat prioritization,
• tightening identity and credential governance across platforms,
• adopting AI‑native defensive tooling that scales with threat volume,
• and evolving supply chain defenses to account for build and deployment pipeline threats.

As cloud adoption continues its rapid growth, the report makes it clear that traditional perimeter defenses are insufficient. Instead, defenders must adopt a holistic, continuous, and AI‑driven security strategy that aligns development, operations, and security teams across the organization to mitigate cloud risk effectively.