New research from SentinelOne reveals attacks targeting trusted third-party tools and systems are a security threat that can’t remain hidden.
Despite this, most organizations are unprepared to defend against them, with key vulnerabilities and a lack of visibility, according to SentinelOne’s 2025 Cloud Security Survey Report and 2025 Cloud Security Risk Report.
Key takeaways:
● 86.9% of responders confirm they face challenges validating and prioritizing alerts and cloud events.
● Only 12.9% rank secret scanning (to identify exposed credentials in developer tools) as a top priority, despite it being a common attack path.
· Nearly 30% of respondents have either not begun implementing secret scanning capabilities or have no plans to do so.
· 92% of organizations say they face challenges securing their cloud environments due to using too many point solutions, leading to supply chain compromises often going undetected for long periods.
· With 53% of organizations reporting that at least half of their alerts are false positives, it is even harder to spot real threats hiding in plain sight.
· 98.2% expect teams will experience benefits from AI in cloud security solutions.
· Accelerate incident response, detecting threats faster, and better prioritize remediation among the top perceived benefits of AI.
