Continuous auditing and threat detection in multi-cloud infrastructure

Efficient change control and configuration management is imperative for addressing the emerging security threats in cloud infrastructure. These majorly exploit misconfiguration vulnerabilities e.g. excessive permissions, disabled logging features publicly accessible storage buckets. Traditional tools mechanisms are unable to effectively continuously track changes infrastructure owing transience unpredictability of events. Therefore, novel that proactive, agile continuous imperative. This article proposes CSBAuditor, a system monitors infrastructure, detect malicious activities unauthorized changes. CSBAuditor leverages two concepts: state transition analysis reconciler pattern overcome aforementioned issues. Furthermore, metrics used compute severity scores detected using scoring system: Cloud Security Scoring System. has been evaluated various strategies including chaos engineering (fault injection) on Amazon Web Services Google Platform. detects misconfigurations real-time with detection rate over 98%. Also, performance overhead within acceptable limits.