Large enterprises moving to the cloud do so in a phased manner. Consequently, at least for a while, they have a mix of on-premises and cloud environments (and very often, multiple cloud environments). These environments, combined with the many ways you can move an application to the cloud, create new considerations for application security:
- Rehost (lift and shift): threat landscape increased because of network exposure
- Replatform (lift and reshape): new attack vectors via buckets, databases, message queues
- Repurchase (drop and shop): third-party data exposure, noisy neighbor attacks, data retention
- Rearchitect (rewriting and decoupling apps): serverless, container based, container orchestration