{"id":120080,"date":"2021-08-06T01:33:12","date_gmt":"2021-08-06T08:33:12","guid":{"rendered":"https:\/\/unit42.paloaltonetworks.com\/?p=120080"},"modified":"2021-08-06T01:33:12","modified_gmt":"2021-08-06T08:33:12","slug":"iam-misconfigurations","status":"publish","type":"post","link":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/","title":{"rendered":"Unit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c8\u66f4\u65b0: IAM\u306b\u8a2d\u5b9a\u30df\u30b9\u306e\u3042\u308b\u7d44\u7e54\u6570\u306e\u5897\u52a0\u3067\u30af\u30e9\u30a6\u30c9\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u72b6\u6cc1\u306f\u60aa\u5316"},"content":{"rendered":"<h2>\u6982\u8981<\/h2>\n<p>Unit 42\u306e\u65b0\u3057\u3044\u8abf\u67fb\u306b\u3088\u308b\u3068\u3001\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u306f\u3001\u6628\u5e74\u672b\u3088\u308a\u3082\u653b\u6483\u3092\u53d7\u3051\u3084\u3059\u304f\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u30af\u30e9\u30a6\u30c9\u30b5\u30fc\u30d3\u30b9\u30d7\u30ed\u30d0\u30a4\u30c0\uff08CSP\uff09\u306e\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306b\u304a\u3044\u3066\u3001\u591a\u8981\u7d20\u8a8d\u8a3c\uff08MFA\uff09\u3092\u6709\u52b9\u306b\u3057\u3066\u3044\u306a\u304b\u3063\u305f\u308a\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306e\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3092\u884c\u3063\u3066\u3044\u306a\u304b\u3063\u305f\u308a\u3001\u904e\u5ea6\u306b\u5bdb\u5bb9\u306a\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u7d44\u7e54\u306e\u6570\u304c\u5927\u5e45\u306b\u5897\u52a0\u3057\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u3088\u3046\u306a\u7d44\u7e54\u306f\u3001CSP\u74b0\u5883\u306e\u30a2\u30a4\u30c7\u30f3\u30c6\u30a3\u30c6\u30a3\u304a\u3088\u3073\u30a2\u30af\u30bb\u30b9\u7ba1\u7406\uff08IAM\uff09\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u4fb5\u5bb3\u306b\u3088\u308b\u91cd\u5927\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30f3\u30b7\u30c7\u30f3\u3
0c8\u3092\u7d4c\u9a13\u3059\u308b\u30ea\u30b9\u30af\u304c\u9ad8\u307e\u308a\u307e\u3059\u3002<\/p>\n<p>\u3053\u308c\u3089\u306e\u8abf\u67fb\u7d50\u679c\u306f\u300c<a href=\"https:\/\/unit42.paloaltonetworks.jp\/highlight-cloud-threat-report-iam\/\">Unit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c82020\u5e742H\u300d<\/a>\u3092\u88dc\u8db3\u3059\u308b\u3082\u306e\u3067\u3059\u30022020\u5e7410\u6708\u306e\u30ec\u30dd\u30fc\u30c8\u3067\u306f\u3001IAM\u306e\u8a2d\u5b9a\u30df\u30b9\u304c\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u306b\u3082\u305f\u3089\u3059\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ea\u30b9\u30af\u3092\u5206\u6790\u3057\u307e\u3057\u305f\u3002\u7279\u306b\u3001<a href=\"https:\/\/unit42.paloaltonetworks.jp\/solarstorm-supply-chain-attack-timeline\/\">SolarStorm<\/a>\u3084<a href=\"https:\/\/unit42.paloaltonetworks.jp\/microsoft-exchange-server-attack-timeline\/\">Microsoft Exchange Server<\/a>\u3078\u306e\u653b\u6483\u306b\u304a\u3051\u308bMFA\u306e\u6975\u3081\u3066\u5927\u304d\u306a\u5f71\u97ff\u3092\u8e0f\u307e\u3048\u3001\u3053\u306e8\u30f6\u6708\u9593\u3067\u30c8\u30ec\u30f3\u30c9\u304c\u3069\u306e\u3088\u3046\u306b\u5909\u5316\u3057\u305f\u304b\u3092\u78ba\u8a8d\u3059\u308b\u305f\u3081\u306b\u3053\u306e\u8abf\u67fb\u3092\u8ffd\u8de1\u3059\u308b\u3053\u3068\u306b\u3057\u307e\u3057\u305f\u3002<\/p>\n<table style=\"width: 100.765%; background-color: #d4cfcf;\">\n<tbody>\n<tr>\n<td style=\"width: 100%; text-align: center;\"><i><span style=\"font-weight: 400;\">\u4eca\u56de\u306e\u8abf\u67fb\u7d50\u679c\u306f\u3001\u305d\u308c\u305e\u308c\u306eCSP\u3092\u4f7f\u3046\u7d44\u7e54\u5074\u306e\u8a2d\u5b9a\u30df\u30b9\u304c\u539f\u56e0\u3067\u3042\u308a\u3001CSP\u304c\u63d0\u4f9b\u3059\u308b\u30b5\u30fc\u30d3\u30b9\u306e\u7d50\u679c\u3067\u306f\u306a\u3044\u3053\u3068\u306b\u7559\u610f\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/span><\/i><span style=\"font-weight: 400;\">.<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>Unit 
42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u300c\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u306f2020\u5e7410\u6708\u3088\u308a\u73fe\u5728\u306e\u65b9\u304c\u3088\u308a\u653b\u6483\u3092\u53d7\u3051\u3084\u3059\u304f\u306a\u3066\u3044\u308b\u300d\u3068\u3044\u3046\u3053\u3068\u30922021\u5e741\u6708\u304b\u30896\u6708\u306b\u304b\u3051\u3066\u306e\u8abf\u67fb\u3067\u78ba\u8a8d\u3057\u307e\u3057\u305f\u3002\u6700\u3082\u91cd\u8981\u306a\u306e\u306f\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u304c\u4ee5\u4e0b\u306e\u8ffd\u52a0\u306e\u767a\u898b\u3092\u3057\u305f\u3053\u3068\u3067\u3059\u3002<\/p>\n<ul>\n<li>Google Cloud\u306e\u30b9\u30c8\u30ec\u30fc\u30b8\u30d0\u30b1\u30c3\u30c8\u3092\u3059\u3079\u3066\u306e\u30e6\u30fc\u30b6\u304c\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u3088\u3046\u306b\u8a2d\u5b9a\u3057\u3066\u3044\u308b\u7d44\u7e54\u304c60%\u5897\u52a0\u3057\u3001\u30c7\u30fc\u30bf\u306e\u30ea\u30b9\u30af\u304c\u9ad8\u304f\u306a\u3063\u3066\u3044\u308b<\/li>\n<li>Amazon Web Services\uff08AWS\uff09\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u306e\u30eb\u30fc\u30c8\u30a2\u30ab\u30a6\u30f3\u30c8\u306eMFA\u8a2d\u5b9a\u3092\u6709\u52b9\u306b\u3057\u3066\u3044\u306a\u3044\u7d44\u7e54\u304c42\uff05\u5897\u52a0\u3057\u3066\u3044\u308b<\/li>\n<li>\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u304c90\u65e5\u4ee5\u4e0a\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044AWS\u3092\u5229\u7528\u3057\u3066\u3044\u308b\u7d44\u7e54\u306e\u6570\u304c22%\u5897\u52a0\u3057\u3066\u3044\u308b<\/li>\n<\/ul>\n<p>\u3053\u308c\u3089\u306e\u7d50\u679c\uff08MFA\u306e\u7121\u52b9\u5316\u3001\u5b9a\u671f\u7684\u306a\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306e\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u904b\u7528\u306e\u6b20\u5982\u3001\u904e\u5270\u306a\u7279\u6a29\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30d7\u30ed\u30d3\u30b8\u30e7\u30cb\u30f3\u30b0\uff09\u306f\u3001\u7d44\u7e54\u304cDevOps\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u904b\u7528\u624b\u9806\u3092\u5f37\u5316\u3059\
u308b\u5fc5\u8981\u304c\u3042\u308b\u3053\u3068\u3092\u793a\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<p>\u3059\u3079\u3066\u306e\u7d44\u7e54\u304c\u3001\u306a\u3093\u3089\u304b\u306e\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u306b\u6295\u8cc7\u3057\u3001\u672c\u756a\u74b0\u5883\u3068\u958b\u767a\u74b0\u5883\u306e\u4e21\u65b9\u3067IAM\u306e\u8a2d\u5b9a\u30df\u30b9\u304c\u306a\u3044\u304b\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u3092\u5b9a\u671f\u7684\u306b\u76e3\u8996\u3059\u308b\u3053\u3068\u304c\u5f37\u304f\u63a8\u5968\u3055\u308c\u307e\u3059\u3002\u30d1\u30ed\u30a2\u30eb\u30c8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u30b9\u3067\u306f<a href=\"https:\/\/www.paloaltonetworks.jp\/prisma\/cloud\">Prisma Cloud<\/a>\u3092\u30af\u30e9\u30a6\u30c9\u30cd\u30a4\u30c6\u30a3\u30d6\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u3068\u3057\u3066\u63d0\u4f9b\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<h2>MFA\u306e\u8a2d\u5b9a\u30df\u30b9<\/h2>\n<p>\u3053\u306e\u8abf\u67fb\u7d50\u679c\u306b\u304a\u3051\u308b\u300c\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u3067MFA\u3092\u6709\u52b9\u306b\u3057\u3066\u3044\u306a\u3044\u7d44\u7e54\u300d\u3068\u3044\u3046\u306e\u306fCSP\u306b\u30cd\u30a4\u30c6\u30a3\u30d6\u306aIAM\u6a5f\u80fd\u306b\u95a2\u9023\u3059\u308b\u3082\u306e\u306e\u307f\u3092\u542b\u307f\u307e\u3059\u3002\u30b5\u30fc\u30c9\u30d1\u30fc\u30c6\u30a3\u306eID\u30d7\u30ed\u30d0\u30a4\u30c0\uff08IdP\uff09\u304c\u63d0\u4f9b\u3059\u308b\u3082\u306e\u306f\u542b\u307e\u308c\u307e\u305b\u3093\u3002CSP \u306e\u30eb\u30fc\u30c8\u30a2\u30ab\u30a6\u30f3\u30c8\u306f\u3001\u4f01\u696d\u306e\u30af\u30e9\u30a6\u30c9 IAM 
\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u304a\u3044\u3066\u91cd\u8981\u306a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4e0a\u306e\u30dc\u30c8\u30eb\u30cd\u30c3\u30af\u3068\u306a\u3063\u3066\u3044\u307e\u3059\u3002CSP\u306e\u30eb\u30fc\u30c8\u30a2\u30ab\u30a6\u30f3\u30c8\u306f\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u3067\u6700\u521d\u306b\u4f5c\u6210\u3055\u308c\u308b\u30a2\u30ab\u30a6\u30f3\u30c8\u3067\u3001\u3042\u3089\u3086\u308bIdP\u306e\u8a2d\u5b9a\u306e\u8a31\u53ef\u3084\u7ba1\u7406\u3092\u542b\u3081\u3001\u3044\u308f\u3070\u300c\u738b\u56fd\u3078\u306e\u9375\u300d\u3092\u63e1\u3063\u3066\u3044\u308b\u5168\u80fd\u30a2\u30ab\u30a6\u30f3\u30c8\u3067\u3059\u3002<strong>\u3064\u307e\u308a\u300cCSP\u306e\u30eb\u30fc\u30c8\u30a2\u30ab\u30a6\u30f3\u30c8\u304c\u4fb5\u5bb3\u3055\u308c\u308c\u3070IdP\u306e\u5c0e\u5165\u3059\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5bfe\u7b56\u3082\u56de\u907f\u3055\u308c\u308b\u300d\u3068\u3044\u3046\u70b9\u3092\u6307\u6458\u3059\u308b\u306e\u306f\u91cd\u8981\u3067\u3057\u3087\u3046\u3002<\/strong><\/p>\n<p>\u7d44\u7e54\u306eCSP\u30eb\u30fc\u30c8\u30a2\u30ab\u30a6\u30f3\u30c8\u306b<a href=\"https:\/\/www.cisecurity.org\/newsletter\/securing-online-accounts-with-multi-factor-authentication\/\">MFA\u3092\u8a2d\u5b9a\u3057\u3066<\/a>\u3001\u7d44\u7e54\u306e\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u81ea\u4f53\u3082\u542b\u3081\u3066\u4fdd\u8b77\u3059\u308b\u3053\u3068\u306f\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u3067\u3059\u3002\u305f\u3057\u304b\u306bMFA \u3092\u30d0\u30a4\u30d1\u30b9\u3067\u304d\u308b\u5834\u5408\u3082\u3042\u308a\u307e\u3059\u304c\uff08<a href=\"https:\/\/threatpost.com\/cloud-attacks-bypass-mfa-feds\/163056\/\">\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u653b\u6483<\/a>\u3001\u5b89\u5168\u3067\u306a\u3044<a 
href=\"https:\/\/www.proofpoint.com\/us\/blog\/cloud-security\/new-vulnerabilities-bypass-multi-factor-authentication-microsoft-365\">\u30d7\u30ed\u30c8\u30b3\u30eb<\/a>\u3001<a href=\"https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/multi-factor-authentication-new-attacks\">\u8106\u5f31\u6027<\/a>\u306a\u3069\uff09\u3001\u3053\u306e\u3088\u3046\u306a\u30bf\u30a4\u30d7\u306e\u653b\u6483\u306f\u653b\u6483\u8005\u306b\u3068\u3063\u3066\u306f\u975e\u5e38\u306b\u30b3\u30b9\u30c8\u304c\u304b\u304b\u308b\u3082\u306e\u3067\u3059\u3002<a href=\"https:\/\/techcommunity.microsoft.com\/t5\/azure-active-directory-identity\/all-your-creds-are-belong-to-us\/ba-p\/855124\">Microsoft<\/a>\u306e\u8abf\u67fb\u306b\u3088\u308b\u3068\u300c\u30d1\u30b9\u30ef\u30fc\u30c9\u4ee5\u5916\u306e\u3082\u306e\u3092\u4f7f\u7528\u3059\u308b\u3068<strong>\u653b\u6483\u8005\u306e\u30b3\u30b9\u30c8\u304c\u5927\u5e45\u306b\u5897\u52a0\u3059\u308b<\/strong>\u3002\u305d\u306e\u305f\u3081\u3001\u3042\u3089\u3086\u308b\u30bf\u30a4\u30d7\u306eMFA\u3092\u4f7f\u7528\u3057\u305f\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u4fb5\u5bb3\u7387\u306f\u3001\u96c6\u56e3\u5168\u4f53\u306e0.1\uff05\u672a\u6e80\u3067\u3042\u308b\u3002\u300d\u3068\u306e\u3053\u3068\u3067\u3059\u3002\u307e\u305fIDC\u306f\u300c2022\u5e74\u307e\u3067\u306b<a 
href=\"https:\/\/www.idc.com\/getdoc.jsp?containerId=prMETA46165020\">90\uff05\u306e\u4f01\u696d\u304c\u751f\u7523\u8981\u4ef6\u3092\u6e80\u305f\u3059\u305f\u3081\u306b\u30af\u30e9\u30a6\u30c9\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u306b\u4f9d\u5b58\u3059\u308b\u3088\u3046\u306b\u306a\u308b<\/a>\u300d\u3068\u3057\u3066\u3044\u307e\u3059\u3002MFA\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u306b\u5f93\u3063\u3066\u30af\u30e9\u30a6\u30c9\u30a4\u30f3\u30d5\u30e9\u306e\u5b89\u5168\u3092\u78ba\u4fdd\u3057\u3066\u304a\u304f\u3053\u3068\u3067\u3001\u7d44\u7e54\u306f\u672c\u6765\u907f\u3051\u3089\u308c\u308b\u306f\u305a\u306eID\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6d41\u51fa\u88ab\u5bb3\u306b\u906d\u3044\u3065\u3089\u304f\u306a\u308a\u307e\u3059\u3002<\/p>\n<p>MFA\u306f\u4e8c\u8981\u7d20\u8a8d\u8a3c\uff082FA\uff09\u3068\u3082\u547c\u3070\u308c\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3078\u306e\u30a2\u30af\u30bb\u30b9\u3092\u8a31\u53ef\u3059\u308b\u524d\u306b\u30012\u3064\u4ee5\u4e0a\u306e\u5f62\u5f0f\u306e\u8a8d\u8a3c\u624b\u6bb5\u3092\u63d0\u4f9b\u3059\u308b\u30d7\u30ed\u30bb\u30b9\u3067\u3059\u3002\u8a8d\u8a3c\u306b\u306f\u6b21\u306e3\u3064\u306e\u8981\u7d20\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<ol>\n<li>\u77e5\u8b58\uff08Something you know\uff09\n<ul>\n<li>\u30d1\u30b9\u30ef\u30fc\u30c9<\/li>\n<li>\u30d1\u30b9\u30d5\u30ec\u30fc\u30ba<\/li>\n<\/ul>\n<\/li>\n<li>\u6240\u6709\uff08Something you have\uff09\n<ul>\n<li>\u30cf\u30fc\u30c9\u30a6\u30a7\u30a2\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30ad\u30fc<\/li>\n<li>\u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u30c8\u30fc\u30af\u30f3\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3<\/li>\n<li>SMS\u30c8\u30fc\u30af\u30f3<\/li>\n<\/ul>\n<\/li>\n<li>\u751f\u4f53\uff08Something you 
are\uff09\n<ul>\n<li>\u30d0\u30a4\u30aa\u30e1\u30c8\u30ea\u30c3\u30af\u30b9\u30ad\u30e3\u30f3\u307e\u305f\u306f\u8679\u5f69\u30b9\u30ad\u30e3\u30f3<\/li>\n<li>\u97f3\u58f0\u8a8d\u8a3c<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<p>MFA\u304c\u6709\u52b9\u3067\u3001\u30e6\u30fc\u30b6\u30fc\u304c\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3078\u306e\u30a2\u30af\u30bb\u30b9\u3092\u8981\u6c42\u3057\u305f\u5834\u5408\u3001\u30a2\u30af\u30bb\u30b9\u8a31\u53ef\u306e\u524d\u306b\u30e6\u30fc\u30b6\u30fc\u306f2\u8981\u7d20\u4ee5\u4e0a\u306e\u8a8d\u8a3c\u30c1\u30a7\u30c3\u30af\u306b\u6210\u529f\u3059\u308b\u3053\u3068\u304c\u6c42\u3081\u3089\u308c\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u304f\u4f7f\u308f\u308c\u308b\u306e\u304c\u300c\u30d1\u30b9\u30ef\u30fc\u30c9\uff08\u77e5\u8b58\u8981\u7d20\uff09\u300d\u306e\u5165\u529b\u3068\u300c\u30c8\u30fc\u30af\u30f3\u5024\uff08\u6240\u6709\u8981\u7d20\uff09\u300d\u306e\u5165\u529b\u3067\u3059\u3002<\/p>\n<p>\u524d\u8ff0\u306e\u300cUnit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c82020\u5e742H\u300d\u3067Unit 
42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u3001MFA\u306e\u8a2d\u5b9a\u30df\u30b9\u306e\u3046\u3061\u300c\u7d44\u7e54\u304c\u30eb\u30fc\u30c8\u30a2\u30ab\u30a6\u30f3\u30c8\u3068\u6a19\u6e96\u30e6\u30fc\u30b6\u30fc\u30a2\u30ab\u30a6\u30f3\u30c8\u306eMFA\u30ea\u30bd\u30fc\u30b9\u3092\u9069\u5207\u306b\u6709\u52b9\u5316\u306a\u3044\u3057\u8a2d\u5b9a\u3057\u3066\u3044\u306a\u3044\u30b1\u30fc\u30b9\u300d\u306b\u3064\u3044\u3066\u8abf\u67fb\u3057\u307e\u3057\u305f\u3002\u6b8b\u5ff5\u306a\u304c\u30892020\u5e7410\u6708\u4ee5\u964d\u3001\u3053\u308c\u3089\u306e\u7d71\u8a08\u306f\u60aa\u5316\u3057\u3066\u3044\u307e\u3059\uff08\u88681\u53c2\u7167\uff09\u3002\u4eca\u56de\u3053\u308c\u304c\u60aa\u5316\u50be\u5411\u3068\u306a\u3063\u305f\u8981\u56e0\u3068\u3057\u3066\u8003\u3048\u3089\u308c\u308b\u306e\u304c\u3001\u300c\u7d44\u7e54\u304c\u30e6\u30fc\u30b6\u30fc\u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u9069\u5207\u306b\u8a2d\u5b9a\u3067\u304d\u3066\u304a\u3089\u305a\u3001IdP\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u306e\u7bc4\u7587\u5916\u306b\u554f\u984c\u304c\u3042\u308b\u300d\u3068\u3044\u3046\u3053\u3068\u3067\u3059\u3002\u3064\u307e\u308a\u3001\u7d44\u7e54\u304c<a href=\"https:\/\/www.okta.com\/\">Okta<\/a>\u3001<a href=\"https:\/\/auth0.com\/\">Auth0<\/a>\u3001<a href=\"https:\/\/www.sailpoint.com\/\">SailPoint<\/a>\u3001<a 
href=\"https:\/\/www.onelogin.com\/\">OneLogin<\/a>\u306a\u3069\u306eID\u30d7\u30ed\u30d0\u30a4\u30c0\u3092\u5229\u7528\u3057\u3066\u3044\u308b\u5834\u5408\u3067\u3082\u3001\u30af\u30e9\u30a6\u30c9\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u5185\u3067\u4f5c\u6210\u3057\u305fIAM\u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u7121\u52b9\u306b\u3057\u3066\u3044\u306a\u3044\u53ef\u80fd\u6027\u304c\u3042\u308b\u3001\u3068\u3044\u3046\u3053\u3068\u3067\u3059\u3002\u3053\u308c\u306b\u306fIdP\u7d71\u5408\u306e\u78ba\u7acb\u306e\u305f\u3081\u306b\u4f7f\u7528\u3055\u308c\u305fIAM\u30a2\u30ab\u30a6\u30f3\u30c8\u3082\u542b\u307e\u308c\u307e\u3059\u3002<\/p>\n<table style=\"width: 100.832%;\">\n<tbody>\n<tr>\n<td style=\"width: 56.1728%;\"><b>\u91cd\u5927\u306a\u8a2d\u5b9a\u30df\u30b9<\/b><\/td>\n<td style=\"width: 10.3704%;\"><b>2020\u5e7410\u6708<\/b><\/td>\n<td style=\"width: 10.8642%;\"><b>2021\u5e746\u6708<\/b><\/td>\n<td style=\"width: 94.8148%;\"><b>\u5897\u52a0\u7387<\/b><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 56.1728%;\"><span style=\"font-weight: 400;\">Oracle Cloud \u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u7d44\u7e54\u3067\u3001IAM \u30e6\u30fc\u30b6\u30fc\u306e MFA \u304c\u7121\u52b9<\/span><\/td>\n<td style=\"width: 10.3704%;\"><span style=\"font-weight: 400;\">N\/A<\/span><\/td>\n<td style=\"width: 10.8642%;\"><span style=\"font-weight: 400;\">92%<\/span><\/td>\n<td style=\"width: 94.8148%;\"><span style=\"font-weight: 400;\">N\/A<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 56.1728%;\"><span style=\"font-weight: 400;\">Alibaba Cloud\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u7d44\u7e54\u3067\u3001RAM*\u30e6\u30fc\u30b6\u30fc\u306eMFA\u304c\u7121\u52b9<\/span><\/td>\n<td style=\"width: 10.3704%;\"><span style=\"font-weight: 400;\">62%<\/span><\/td>\n<td style=\"width: 10.8642%;\"><span style=\"font-weight: 400;\">85%<\/span><\/td>\n<td style=\"width: 94.8148%;\"><span style=\"font-weight: 400;\">+27%<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 
56.1728%;\"><span style=\"font-weight: 400;\">AWS\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u7d44\u7e54\u3067\u3001IAM\u30e6\u30fc\u30b6\u30fc\u306eMFA\u304c\u7121\u52b9<\/span><\/td>\n<td style=\"width: 10.3704%;\"><span style=\"font-weight: 400;\">47%<\/span><\/td>\n<td style=\"width: 10.8642%;\"><span style=\"font-weight: 400;\">69%<\/span><\/td>\n<td style=\"width: 94.8148%;\"><span style=\"font-weight: 400;\">+32%<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 56.1728%;\"><span style=\"font-weight: 400;\">AWS\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u7d44\u7e54\u3067\u3001\u30eb\u30fc\u30c8\u30a2\u30ab\u30a6\u30f3\u30c8\u306eMFA\u304c\u7121\u52b9<\/span><\/td>\n<td style=\"width: 10.3704%;\"><span style=\"font-weight: 400;\">24%<\/span><\/td>\n<td style=\"width: 10.8642%;\"><span style=\"font-weight: 400;\">42%<\/span><\/td>\n<td style=\"width: 94.8148%;\"><span style=\"font-weight: 400;\">+42%<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p style=\"text-align: center;\"><span style=\"color: #999999;\"><sup><em>\u88681 IAM \u30a2\u30ab\u30a6\u30f3\u30c8\u306e MFA \u304c\u7121\u52b9\u306b\u306a\u3063\u3066\u3044\u308b\u7d44\u7e54<br \/>\n<\/em><\/sup><\/span><span style=\"color: #999999; font-size: 12pt;\"><sup><em>*RAM - Resource Access Management\u306f\u3001Alibaba Cloud\u5185\u306eID\u3068\u30a2\u30af\u30bb\u30b9\u5236\u5fa1\u306e\u30b5\u30fc\u30d3\u30b9\u3002\u3053\u308c\u306b\u3088\u3063\u3066\u30e6\u30fc\u30b6\u30fc\u3068\u305d\u306e\u6a29\u9650\u3092\u4e00\u5143\u7ba1\u7406\u3067\u304d\u308b<\/em><\/sup><\/span><\/p>\n<p>Amazon Web Services\uff08AWS\uff09\u3001Oracle Cloud\u3001Alibaba Cloud\u3067\u306f\u3001IAM\u8a8d\u8a3c\u6a5f\u80fd\u3092\u30af\u30e9\u30a6\u30c9\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u81ea\u4f53\u306b\u642d\u8f09\u3057\u3066\u3044\u308b\u306e\u306b\u5bfe\u3057\u3001Google Cloud\u3084Microsoft 
Azure\u3067\u306f\u3001\u30af\u30e9\u30a6\u30c9\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u306b\u81ea\u793e\u306eIdP\u30b5\u30fc\u30d3\u30b9\u3092\u5229\u7528\u3057\u3066IAM\u8a8d\u8a3c\u3092\u884c\u3063\u3066\u3044\u307e\u3059\u3002Google Cloud\u306f\u81ea\u793e\u30b5\u30fc\u30d3\u30b9\u306e<a href=\"https:\/\/www.google.com\/account\/about\/\">\u300cGoogle Accounts<\/a>\u300d\u3092\u3001Azure\u306fMicrosoft\u306e\u30b5\u30fc\u30d3\u30b9\u300c<a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/active-directory\/\">Azure Active Directory\uff08AD<\/a>\uff09\u300d\u3092\u4f7f\u7528\u3057\u307e\u3059\u3002\u7d44\u7e54\u7ba1\u7406\u8005\u304cGoogle Cloud\u30a2\u30ab\u30a6\u30f3\u30c8\u306eMFA\u3092\u6709\u52b9\u306b\u3059\u308b\u5834\u5408\u306f\u3001\u3053\u3061\u3089\u306eGoogle Workspace<a href=\"https:\/\/support.google.com\/a\/answer\/9176657?visit_id=637592973002568828-1110985569&amp;rd=1\">\u30ac\u30a4\u30c9<\/a>\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002\u7d44\u7e54\u7ba1\u7406\u8005\u304cAzure\u30af\u30e9\u30a6\u30c9\u306e\u30a2\u30ab\u30a6\u30f3\u30c8\u3067MFA\u3092\u6709\u52b9\u306b\u3057\u305f\u3044\u5834\u5408\u306f\u3001\u3053\u3061\u3089\u306e<a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-mfa-mfasettings\">Azure AD Multi-Factor 
Authentication\u30ac\u30a4\u30c9<\/a>\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<h2>\u3053\u306e\u4ed6\u306e\u8a2d\u5b9a\u30df\u30b9<\/h2>\n<p>\u305d\u308c\u3067\u306f\u6b21\u306b\u3001IAM\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306e\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u904b\u7528\u306b\u3064\u3044\u3066\u898b\u3066\u3044\u304d\u307e\u3057\u3087\u3046\u3002\u3053\u3061\u3089\u306e\u8abf\u67fb\u7d50\u679c\u3067\u306f\u30012020\u5e7410\u6708\u304b\u30892021\u5e746\u6708\u306b\u304b\u3051\u3066\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306e\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3092\u5b9f\u65bd\u3057\u3066\u3044\u306a\u3044\u30af\u30e9\u30a6\u30c9\u5229\u7528\u4f01\u696d\u306f\u3001\u4e16\u754c\u7684\u306b\u7d0420\uff05\u5897\u52a0\u3057\u3066\u3044\u305f\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002\u3053\u306e\u50be\u5411\u306fGoogle Cloud\u3001AWS\u306e\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u7d44\u7e54\u3067\u898b\u3089\u308c\u305f\u3082\u306e\u3067\u3059\u3002<\/p>\n<p>\u30d1\u30b9\u30ef\u30fc\u30c9\u3068\u540c\u69d8\u306b\u3001\u65b0\u3057\u3044CSP\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306f90\u65e5\u3054\u3068\u306b\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3057\u3001\u30ad\u30fc\u304c\u6f0f\u308c\u305f\u308a\u76d7\u307e\u308c\u305f\u308a\u3057\u3066\u3082\u9577\u671f\u9593\u6709\u52b9\u306b\u306a\u3089\u306a\u3044\u3088\u3046\u306b\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u304c<a href=\"https:\/\/gitlab.com\/\">GitLab<\/a>\u3084<a 
href=\"https:\/\/github.com\/\">GitHub<\/a>\u306a\u3069\u306e\u30b3\u30fc\u30c9\u30ea\u30dd\u30b8\u30c8\u30ea\u30b5\u30a4\u30c8\u306b\u8aa4\u3063\u3066\u30a2\u30c3\u30d7\u30ed\u30fc\u30c9\u3055\u308c\u305f\u308a\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u3092\u7f6e\u3044\u3066\u3042\u308b\u30af\u30e9\u30a6\u30c9\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u304c\u305d\u306e\u5f8c\u4fb5\u5bb3\u3055\u308c\u308b\u3053\u3068\u3067\u3001\u6f0f\u3048\u3044\u3059\u308b\u3053\u3068\u304c\u3042\u308a\u307e\u3059\u3002\u88682\u306b\u793a\u3057\u305f\u3068\u304a\u308a\u3001AWS\u3001Google Cloud\u3001Oracle Cloud\u306e\u30d7\u30e9\u30c3\u30c8\u30d5\u30a9\u30fc\u30e0\u3092\u4f7f\u7528\u3057\u3066\u3044\u308b\u7d44\u7e54\u3067\u306f\u3001\u9577\u671f\u9593\u306b\u6e21\u3063\u3066\u30a2\u30af\u30c6\u30a3\u30d6\u306a\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u304c\u9855\u8457\u306b\u898b\u3089\u308c\u307e\u3057\u305f\uff08\u5404\u30af\u30e9\u30a6\u30c9\u4e8b\u696d\u8005\u306f\u3053\u306e\u7a2e\u306e\u554f\u984c\u304b\u3089\u30af\u30e9\u30a6\u30c9\u57fa\u76e4\u3092\u4fdd\u8b77\u3059\u308b\u305f\u3081\u306e\u8a2d\u5b9a\u3092\u30e6\u30fc\u30b6\u30fc\u304c\u884c\u3048\u308b\u3088\u3046\u306b\u3057\u3066\u3044\u307e\u3059\u304c\u3001\u3053\u308c\u3092\u6709\u52b9\u306b\u3057\u3066\u3044\u306a\u3044\u30e6\u30fc\u30b6\u30fc\u304c\u898b\u3089\u308c\u308b\uff09\u3002<\/p>\n<p>\u30af\u30e9\u30a6\u30c9\u9700\u8981\u306e\u5897\u52a0\u3068\u305d\u306e\u8907\u96d1\u5316\u306b\u52a0\u3048\u3001\u5168\u4f53\u3068\u3057\u3066\u8a8d\u8a3c\u306e\u9577\u671f\u5229\u7528\u3092\u6df1\u523b\u306b\u53d7\u3051\u6b62\u3081\u306a\u3044\u50be\u5411\u304c\u898b\u3089\u308c\u307e\u3059\u3002\u3053\u306e\u3053\u3068\u304b\u3089\u3001\u7d44\u7e54\u306f\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306e\u8a2d\u5b9a\u30df\u30b9\u554f\u984c\u306b\u5bfe\u51e6\u3059\u308b\u3088\u308a\u3082\u3001\u30aa\u30f3\u30d7\u30ec\u30df\u30b9\u304b\u3089\u30af\u30e9\u30a6\u30c9\u3078\u306e\u79fb\u884c\u3084\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f
3\u958b\u767a\u306a\u3069\u3001\u4ed6\u306e\u30af\u30e9\u30a6\u30c9\u958b\u767a\u95a2\u9023\u4f5c\u696d\u306b\u5bfe\u51e6\u3059\u308b\u3053\u3068\u3092\u512a\u5148\u3057\u3066\u3057\u307e\u3063\u3066\u3044\u308b\u306e\u3067\u306f\u306a\u3044\u304b\u3068\u8003\u3048\u3089\u308c\u307e\u3059\u3002\u3067\u3059\u304c\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306e\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u306f\u3001\u5358\u8abf\u5897\u52a0\u3059\u308b\u30ea\u30b9\u30af\u306e\u6df1\u523b\u5ea6\u3092\u4e0b\u3052\u308b\u6570\u5c11\u306a\u3044\u5b9f\u7528\u4f8b\u306e\u4e00\u3064\u3067\u3059\u3002\u8a8d\u8a3c\u60c5\u5831\u304c\u5909\u66f4\u3055\u308c\u306a\u304b\u3063\u305f\u671f\u9593\u304c\u9577\u3051\u308c\u3070\u9577\u3044\u307b\u3069\u3001\u305d\u306e\u8a8d\u8a3c\u60c5\u5831\u3092\u4f7f\u7528\u3059\u308b\u30af\u30e9\u30a6\u30c9\u30a4\u30f3\u30d5\u30e9\u304c\u69cb\u7bc9\u3055\u308c\u308c\u3070\u3055\u308c\u308b\u307b\u3069\u3001\u305d\u306e\u8a8d\u8a3c\u60c5\u5831\u304c\u6f0f\u3048\u3044\u3057\u305f\u5834\u5408\u306e\u7d44\u7e54\u3078\u306e\u5f71\u97ff\u306f\u5927\u304d\u304f\u306a\u308a\u307e\u3059\u3002<\/p>\n<table style=\"width: 99.7354%;\">\n<tbody>\n<tr>\n<td style=\"width: 59.9545%;\"><b>\u91cd\u5927\u306a\u8a2d\u5b9a\u30df\u30b9<\/b><\/td>\n<td style=\"width: 9.55631%;\"><b>2020\u5e7410\u6708<\/b><\/td>\n<td style=\"width: 9.89761%;\"><b>2021\u5e746\u6708<\/b><\/td>\n<td style=\"width: 78.8396%;\"><b>\u5897\u52a0\u7387<\/b><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 59.9545%;\"><span style=\"font-weight: 400;\">\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u304c90\u65e5\u4ee5\u4e0a\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044AWS\u5229\u7528\u7d44\u7e54<\/span><\/td>\n<td style=\"width: 9.55631%;\"><span style=\"font-weight: 400;\">68%<\/span><\/td>\n<td style=\"width: 9.89761%;\"><span style=\"font-weight: 400;\">83%<\/span><\/td>\n<td style=\"width: 78.8396%;\"><span style=\"font-weight: 400;\">+22%<\/span><\/td>\n<\/tr>\n<tr>\n<td 
style=\"width: 59.9545%;\"><span style=\"font-weight: 400;\">\u30a2\u30ab\u30a6\u30f3\u30c8\u30ad\u30fc\u304c90\u65e5\u4ee5\u4e0a\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044Google Cloud\u5229\u7528\u7d44\u7e54<\/span><\/td>\n<td style=\"width: 9.55631%;\"><span style=\"font-weight: 400;\">62%<\/span><\/td>\n<td style=\"width: 9.89761%;\"><span style=\"font-weight: 400;\">73%<\/span><\/td>\n<td style=\"width: 78.8396%;\"><span style=\"font-weight: 400;\">+18%<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 59.9545%;\"><span style=\"font-weight: 400;\">API\u30ad\u30fc\u304c90\u65e5\u4ee5\u4e0a\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044Oracle Cloud\u5229\u7528\u7d44\u7e54<\/span><\/td>\n<td style=\"width: 9.55631%;\"><span style=\"font-weight: 400;\">N\/A<\/span><\/td>\n<td style=\"width: 9.89761%;\"><span style=\"font-weight: 400;\">85%<\/span><\/td>\n<td style=\"width: 78.8396%;\"><span style=\"font-weight: 400;\">N\/A<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 59.9545%;\"><span style=\"font-weight: 400;\">Auth Tokens\u304c90\u65e5\u4ee5\u4e0a\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044Oracle Cloud\u5229\u7528\u7d44\u7e54<\/span><\/td>\n<td style=\"width: 9.55631%;\"><span style=\"font-weight: 400;\">N\/A<\/span><\/td>\n<td style=\"width: 9.89761%;\"><span style=\"font-weight: 400;\">19%<\/span><\/td>\n<td style=\"width: 78.8396%;\"><span style=\"font-weight: 400;\">N\/A<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p style=\"text-align: center;\"><span style=\"font-size: 12pt;\"><sup><span style=\"color: #999999;\"><em>\u88682 
\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306e\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u904b\u7528\u3092\u884c\u3063\u3066\u3044\u306a\u3044\u7d44\u7e54<\/em><\/span><\/sup><\/span><\/p>\n<p>\u4e3b\u8981\u306aCSP\u306f\u305d\u308c\u305e\u308c\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306e\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u30d7\u30ed\u30bb\u30b9\u3092\u81ea\u52d5\u5316\u3059\u308b\u65b9\u6cd5\u3092\u63d0\u4f9b\u3057\u3066\u3044\u307e\u3059\u3002\u8a73\u3057\u304f\u306f\u305d\u308c\u305e\u308c\u306e\u30ea\u30f3\u30af\u3092\u3054\u89a7\u304f\u3060\u3055\u3044\uff08<a href=\"https:\/\/www.alibabacloud.com\/help\/doc-detail\/134270.htm\">Alibaba Cloud<\/a>\u3001<a href=\"https:\/\/docs.aws.amazon.com\/prescriptive-guidance\/latest\/patterns\/automatically-rotate-iam-user-access-keys.html\">AWS<\/a>\u3001<a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/key-vault\/secrets\/tutorial-rotation\">Azure<\/a>\u3001<a href=\"https:\/\/cloud.google.com\/kms\/docs\/rotating-keys\">Google Cloud<\/a>\u3001<a href=\"https:\/\/docs.oracle.com\/en\/enterprise-manager\/cloud-control\/enterprise-manager-cloud-control\/13.4\/emadm\/automate-dbsnmp-password-management.html\">Oracle Cloud<\/a>\uff09\u3002<\/p>\n<h2>\u6a29\u9650\u904e\u5270<\/h2>\n<p>\u6700\u5f8c\u306b\u3001Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u3001IAM\u30a2\u30ab\u30a6\u30f3\u30c8\u3068\u30ed\u30fc\u30eb\u306b\u3064\u3044\u3066\u3001\u6a29\u9650\u3092\u904e\u5270\u306b\u8a2d\u5b9a\u3057\u3066\u3044\u308b\u7d44\u7e54\u304c\u3069\u306e\u7a0b\u5ea6\u3042\u308b\u304b\u3092\u518d\u8abf\u67fb\u3057\u307e\u3057\u305f\u3002\u6700\u3082\u76ee\u7acb\u3063\u305fIAM\u6a29\u9650\u904e\u5270\u554f\u984c\u306f\u3001<a href=\"https:\/\/docs.aws.amazon.com\/STS\/latest\/APIReference\/API_AssumeRole.html\">AWS 
AssumeRole<\/a>\u6a5f\u80fd\u3092\u4e2d\u5fc3\u3068\u3057\u305f\u4e71\u7528\u3067\u3059\uff08AWS\u306fAssumeRole\u306e\u4e71\u7528\u3092\u9632\u3050\u8a2d\u5b9a\u3092\u7528\u610f\u3057\u3066\u3044\u307e\u3059\u304c\u3001\u3053\u308c\u3092\u6709\u52b9\u306b\u3057\u3066\u3044\u306a\u3044\u30e6\u30fc\u30b6\u30fc\u3082\u3044\u307e\u3059\uff09\u3002\u3053\u306e\u30b5\u30fc\u30d3\u30b9\u306f\u3001<a href=\"https:\/\/start.paloaltonetworks.jp\/unit-42-cloud-threats-securing-iam\/\">Unit 42\u306e\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc<\/a>\u304b\u3089\u3082<a href=\"https:\/\/www.csoonline.com\/article\/3620965\/aws-access-control-confusion-enables-cross-account-attacks.html\">CSO Online<\/a>\u696d\u754c\u306e\u30d9\u30b9\u30c8\u30d7\u30e9\u30af\u30c6\u30a3\u30b9\u8a18\u4e8b\u304b\u3089\u3082\u6ce8\u76ee\u3092\u96c6\u3081\u3066\u3044\u307e\u3059\u3057\u3001<a href=\"https:\/\/securityboulevard.com\/2020\/12\/cloud-infrastructure-is-not-immune-from-the-solarwinds-orion-breach\/\">SolarWinds<\/a>\u3082\u3053\u306eAssumeRole\u30b5\u30fc\u30d3\u30b9\u306e\u8a2d\u5b9a\u30df\u30b9\u3068\u95a2\u9023\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u306e\u3088\u3046\u306a\u6ce8\u76ee\u5ea6\u306e\u9ad8\u3055\u304b\u3089AssumeRole\u306b\u904e\u5270\u306a\u6a29\u9650\u3092\u4ed8\u4e0e\u3059\u308b\u7d44\u7e54\u6570\u306f\u6e1b\u5c11\u3057\u59cb\u3081\u3066\u304a\u308a\u3001\u308f\u305a\u304b6\u30f6\u6708\u306e\u9593\u306b67\uff05\u3082\u6e1b\u5c11\u3057\u3066\u3044\u308b\u3053\u3068\u3092\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\u306f\u78ba\u8a8d\u3057\u3066\u3044\u307e\u3059\uff08\u88683\u53c2\u7167\uff09\u3002<\/p>\n<table style=\"width: 101.832%;\">\n<tbody>\n<tr>\n<td style=\"width: 59.596%;\"><b>\u91cd\u5927\u306a\u8a2d\u5b9a\u30df\u30b9<\/b><\/td>\n<td style=\"width: 7.80533%;\"><b>2020\u5e7410\u6708<\/b><\/td>\n<td style=\"width: 8.08081%;\"><b>2021\u5e746\u6708<\/b><\/td>\n<td style=\"width: 53.2599%;\"><b>\u5897\u6e1b\u7387<\/b><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 59.596%;\"><span 
style=\"font-weight: 400;\">IAM\u30dd\u30ea\u30b7\u30fc\u3067AssumeRole\u306b<\/span><b>\u5168\u30b5\u30fc\u30d3\u30b9\u306e<\/b>\u6a29\u9650\u3092\u8a31\u53ef\u3057\u3066\u3044\u308bAWS\u5229\u7528\u7d44\u7e54<\/td>\n<td style=\"width: 7.80533%;\"><span style=\"font-weight: 400;\">30%<\/span><\/td>\n<td style=\"width: 8.08081%;\"><span style=\"font-weight: 400;\">18%<\/span><\/td>\n<td style=\"width: 53.2599%;\"><span style=\"font-weight: 400;\">-67%<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 59.596%;\"><span style=\"font-weight: 400;\">IAM\u30e6\u30fc\u30b6\u30fc\u304c\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u6a29\u9650\u3092\u6301\u3064Google Cloud\u5229\u7528\u7d44\u7e54<\/span><\/td>\n<td style=\"width: 7.80533%;\"><span style=\"font-weight: 400;\">61%<\/span><\/td>\n<td style=\"width: 8.08081%;\"><span style=\"font-weight: 400;\">62%<\/span><\/td>\n<td style=\"width: 53.2599%;\"><span style=\"font-weight: 400;\">+2%<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 59.596%;\"><span style=\"font-weight: 400;\">\u6a29\u9650\u904e\u5270\u306e\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u7279\u6a29\u3064\u304d\u30a2\u30ab\u30a6\u30f3\u30c8\u304c\u5b58\u5728\u3059\u308bGoogle Cloud\u5229\u7528\u7d44\u7e54<\/span><\/td>\n<td style=\"width: 7.80533%;\"><span style=\"font-weight: 400;\">20%<\/span><\/td>\n<td style=\"width: 8.08081%;\"><span style=\"font-weight: 400;\">24%<\/span><\/td>\n<td style=\"width: 53.2599%;\"><span style=\"font-weight: 400;\">+17%<\/span><\/td>\n<\/tr>\n<tr>\n<td style=\"width: 59.596%;\"><span style=\"font-weight: 400;\">\u30b9\u30c8\u30ec\u30fc\u30b8\u30d0\u30b1\u30c3\u30c8\u304c\u5168\u30e6\u30fc\u30b6\u30fc\u306b\u516c\u958b\u3055\u308c\u3066\u3044\u308bGoogle Cloud\u5229\u7528\u7d44\u7e54<\/span><\/td>\n<td style=\"width: 7.80533%;\"><span style=\"font-weight: 400;\">11%<\/span><\/td>\n<td style=\"width: 8.08081%;\"><span style=\"font-weight: 400;\">27%<\/span><\/td>\n<td style=\"width: 53.2599%;\"><span 
style=\"font-weight: 400;\">+60%<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p style=\"text-align: center;\"><span style=\"font-size: 12pt;\"><sup><span style=\"color: #999999;\"><em>Table 3. Organizations allowing overly permissive IAM privileges<\/em><\/span><\/sup><\/span><\/p>\n<p>The decline in AWS AssumeRole services that allow overly permissive permissions is good news, but it is time for everyone to turn their attention to the separate IAM security issues that exist in other CSP environments. For example, cases of IAM service accounts configured with excessive permissions in Google Cloud environments have increased by 17%, and Google 
Cloud storage resources that anyone can access have increased by 60% over the past six months, so access to these also needs to be restricted appropriately.<\/p>\n<h2>Conclusion<\/h2>\n<p>CSP root accounts pose a serious security risk to cloud environments. Providing appropriate security protection for these accounts is an urgent task for enterprises that use the cloud. Improperly configured or maintained cloud environments can lead to serious consequences. Unit 
42 researchers strongly recommend that organizations restrict the operational functions performed with the CSP root account to IdP platform configuration only. The CSP root account should have MFA enabled, preferably with an MFA hard token, and should never be used except in an emergency. All administrative functions should be performed with newly designated, IdP-based administrative accounts.<\/p>\n<p>We also found an increase in the number of organizations that do not rotate IAM access keys and in the number that deploy over-permissioned IAM accounts and roles. As with user password rotation, access keys need to be rotated at least every 90 days to minimize risk. Finally, the principle of 
<a href=\"https:\/\/www.paloaltonetworks.jp\/cyberpedia\/what-is-a-zero-trust-for-the-cloud\">least privilege<\/a> must be applied when creating and managing all IAM entities, including users, roles and group privileges. The important IAM misconfigurations covered in this article can be detected and alerted on by Prisma Cloud without any additional configuration. Using the Prisma Cloud platform makes it easier to understand how cloud environments are configured, especially for organizations that use multiple clouds.<\/p>\n<h4>Recommended mitigations<\/h4>\n<ul>\n<li>Enable MFA on CSP root accounts, using an MFA hard token wherever possible<\/li>\n<li>Use the CSP root account only to set up the IdP configuration, and do not use that account for any other function<\/li>\n<li>Perform all administrative functions with IAM administrative accounts created and configured through the IdP<\/li>\n<li>Monitor IAM roles, groups and trust policies through the 
<a href=\"https:\/\/www.paloaltonetworks.com\/prisma\/cloud\/identity-access-management-security\">Prisma Cloud IAM module<\/a><\/li>\n<li>Automate access key rotation for all IAM users and service accounts<\/li>\n<li>Apply the principle of least privilege when configuring IAM permissions<\/li>\n<\/ul>\n<h4>Additional resources<\/h4>\n<ul>\n<li><a href=\"https:\/\/unit42.paloaltonetworks.jp\/highlight-cloud-threat-report-IAM\/\">Highlights from the Unit 42 Cloud Threat Report, Fall 2020 edition<\/a><\/li>\n<li><a href=\"https:\/\/unit42.paloaltonetworks.jp\/iam-roles-compromised-workloads\/\">Unit 42 Cloud Threat Report: Misconfigured IAM Roles Lead to the Compromise of Thousands of Cloud Workloads<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>\u6982\u8981 Unit 
42\u306e\u65b0\u3057\u3044\u8abf\u67fb\u306b\u3088\u308b\u3068\u3001\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u306f\u3001\u6628\u5e74\u672b\u3088\u308a\u3082\u653b\u6483\u3092\u53d7\u3051\u3084\u3059\u304f\u306a\u3063\u3066\u3044\u307e\u3059\u3002\u30af\u30e9\u30a6\u30c9\u30b5\u30fc\u30d3\u30b9\u30d7\u30ed\u30d0\u30a4\u30c0\uff08CSP\uff09\u306e\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306b\u304a\u3044\u3066\u3001\u591a\u8981\u7d20\u8a8d\u8a3c\uff08MFA\uff09\u3092\u6709\u52b9\u306b\u3057\u3066\u3044\u306a\u304b\u3063\u305f\u308a\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u306e<\/p>\n","protected":false},"author":317,"featured_media":134260,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[4332,4436,4430],"tags":[5137,5329,5933,5934],"product_categories":[4345,4458],"coauthors":[1394],"class_list":["post-120080","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trend-reports","category-cloud-cybersecurity-research-ja","category-trend-reports-ja","tag-cloud-configuration-ja","tag-iam-ja","tag-mfa-ja","tag-misconfiguration","product_categories-prisma-cloud","product_categories-prisma-cloud-ja"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.0 (Yoast SEO v27.0) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Unit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c8\u66f4\u65b0: IAM\u306b\u8a2d\u5b9a\u30df\u30b9\u306e\u3042\u308b\u7d44\u7e54\u6570\u306e\u5897\u52a0\u3067\u30af\u30e9\u30a6\u30c9\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u72b6\u6cc1\u306f\u60aa\u5316<\/title>\n<meta name=\"description\" 
content=\"\u591a\u304f\u306e\u7d44\u7e54\u304c\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u3067\u9069\u5207\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u78ba\u4fdd\u3067\u304d\u3066\u3044\u307e\u305b\u3093\u3002\u591a\u8981\u7d20\u8a8d\u8a3c\u304c\u7121\u52b9\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u304c\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044\u3001\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u8a2d\u5b9a\u304c\u904e\u5270\u306a\u3069\u306e\u554f\u984c\u3092\u62b1\u3048\u308b\u7d44\u7e54\u306e\u6570\u306f\u5927\u5e45\u306b\u5897\u52a0\u3057\u3066\u3044\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/\" \/>\n<meta property=\"og:locale\" content=\"ja_JP\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Unit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c8\u66f4\u65b0: IAM\u306b\u8a2d\u5b9a\u30df\u30b9\u306e\u3042\u308b\u7d44\u7e54\u6570\u306e\u5897\u52a0\u3067\u30af\u30e9\u30a6\u30c9\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u72b6\u6cc1\u306f\u60aa\u5316\" \/>\n<meta property=\"og:description\" 
content=\"\u591a\u304f\u306e\u7d44\u7e54\u304c\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u3067\u9069\u5207\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u78ba\u4fdd\u3067\u304d\u3066\u3044\u307e\u305b\u3093\u3002\u591a\u8981\u7d20\u8a8d\u8a3c\u304c\u7121\u52b9\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u304c\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044\u3001\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u8a2d\u5b9a\u304c\u904e\u5270\u306a\u3069\u306e\u554f\u984c\u3092\u62b1\u3048\u308b\u7d44\u7e54\u306e\u6570\u306f\u5927\u5e45\u306b\u5897\u52a0\u3057\u3066\u3044\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002\" \/>\n<meta property=\"og:url\" content=\"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/\" \/>\n<meta property=\"og:site_name\" content=\"Unit 42\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-06T08:33:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/13_Cloud_cybersecurity_research_Overview_1920x900.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Nathaniel Quist\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<!-- \/ Yoast SEO Premium plugin. 
-->","yoast_head_json":{"title":"Unit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c8\u66f4\u65b0: IAM\u306b\u8a2d\u5b9a\u30df\u30b9\u306e\u3042\u308b\u7d44\u7e54\u6570\u306e\u5897\u52a0\u3067\u30af\u30e9\u30a6\u30c9\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u72b6\u6cc1\u306f\u60aa\u5316","description":"\u591a\u304f\u306e\u7d44\u7e54\u304c\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u3067\u9069\u5207\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u78ba\u4fdd\u3067\u304d\u3066\u3044\u307e\u305b\u3093\u3002\u591a\u8981\u7d20\u8a8d\u8a3c\u304c\u7121\u52b9\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u304c\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044\u3001\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u8a2d\u5b9a\u304c\u904e\u5270\u306a\u3069\u306e\u554f\u984c\u3092\u62b1\u3048\u308b\u7d44\u7e54\u306e\u6570\u306f\u5927\u5e45\u306b\u5897\u52a0\u3057\u3066\u3044\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/","og_locale":"ja_JP","og_type":"article","og_title":"Unit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c8\u66f4\u65b0: 
IAM\u306b\u8a2d\u5b9a\u30df\u30b9\u306e\u3042\u308b\u7d44\u7e54\u6570\u306e\u5897\u52a0\u3067\u30af\u30e9\u30a6\u30c9\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u72b6\u6cc1\u306f\u60aa\u5316","og_description":"\u591a\u304f\u306e\u7d44\u7e54\u304c\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u3067\u9069\u5207\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u78ba\u4fdd\u3067\u304d\u3066\u3044\u307e\u305b\u3093\u3002\u591a\u8981\u7d20\u8a8d\u8a3c\u304c\u7121\u52b9\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u304c\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044\u3001\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u8a2d\u5b9a\u304c\u904e\u5270\u306a\u3069\u306e\u554f\u984c\u3092\u62b1\u3048\u308b\u7d44\u7e54\u306e\u6570\u306f\u5927\u5e45\u306b\u5897\u52a0\u3057\u3066\u3044\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002","og_url":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/","og_site_name":"Unit 42","article_published_time":"2021-08-06T08:33:12+00:00","og_image":[{"width":1920,"height":900,"url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/13_Cloud_cybersecurity_research_Overview_1920x900.jpg","type":"image\/jpeg"}],"author":"Nathaniel Quist","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/#article","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/"},"author":{"name":"Nathaniel Quist","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/6f4153adb969c91f103a21af22c5d1de"},"headline":"Unit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c8\u66f4\u65b0: 
IAM\u306b\u8a2d\u5b9a\u30df\u30b9\u306e\u3042\u308b\u7d44\u7e54\u6570\u306e\u5897\u52a0\u3067\u30af\u30e9\u30a6\u30c9\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u72b6\u6cc1\u306f\u60aa\u5316","datePublished":"2021-08-06T08:33:12+00:00","mainEntityOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/"},"wordCount":246,"commentCount":0,"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/#primaryimage"},"thumbnailUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/13_Cloud_cybersecurity_research_Overview_1920x900.jpg","keywords":["cloud configuration","IAM","MFA","Misconfiguration"],"articleSection":["Trend Reports","\u30af\u30e9\u30a6\u30c9 \u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30ea\u30b5\u30fc\u30c1","\u30c8\u30ec\u30f3\u30c9 \u30ec\u30dd\u30fc\u30c8"],"inLanguage":"ja","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/","url":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/","name":"Unit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c8\u66f4\u65b0: 
IAM\u306b\u8a2d\u5b9a\u30df\u30b9\u306e\u3042\u308b\u7d44\u7e54\u6570\u306e\u5897\u52a0\u3067\u30af\u30e9\u30a6\u30c9\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u72b6\u6cc1\u306f\u60aa\u5316","isPartOf":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/#primaryimage"},"image":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/#primaryimage"},"thumbnailUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/13_Cloud_cybersecurity_research_Overview_1920x900.jpg","datePublished":"2021-08-06T08:33:12+00:00","author":{"@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/6f4153adb969c91f103a21af22c5d1de"},"description":"\u591a\u304f\u306e\u7d44\u7e54\u304c\u30af\u30e9\u30a6\u30c9\u74b0\u5883\u3067\u9069\u5207\u306b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3092\u78ba\u4fdd\u3067\u304d\u3066\u3044\u307e\u305b\u3093\u3002\u591a\u8981\u7d20\u8a8d\u8a3c\u304c\u7121\u52b9\u3001\u30a2\u30af\u30bb\u30b9\u30ad\u30fc\u304c\u30ed\u30fc\u30c6\u30fc\u30b7\u30e7\u30f3\u3055\u308c\u3066\u3044\u306a\u3044\u3001\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30d1\u30fc\u30df\u30c3\u30b7\u30e7\u30f3\u8a2d\u5b9a\u304c\u904e\u5270\u306a\u3069\u306e\u554f\u984c\u3092\u62b1\u3048\u308b\u7d44\u7e54\u306e\u6570\u306f\u5927\u5e45\u306b\u5897\u52a0\u3057\u3066\u3044\u308b\u3053\u3068\u304c\u308f\u304b\u308a\u307e\u3057\u305f\u3002","breadcrumb":{"@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/#breadcrumb"},"inLanguage":"ja","potentialAction":[{"@type":"ReadAction","target":["https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/"]}]},{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/#primaryimage","url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/13_Cloud_cybersecurity_research_Overview_1920x900.jpg","conten
tUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2024\/06\/13_Cloud_cybersecurity_research_Overview_1920x900.jpg","width":1920,"height":900,"caption":"Close-up of a Black woman wearing glasses, looking at colorful digital data projected onto a screen before them."},{"@type":"BreadcrumbList","@id":"https:\/\/unit42.paloaltonetworks.com\/ja\/iam-misconfigurations\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/unit42.paloaltonetworks.com\/ja\/"},{"@type":"ListItem","position":2,"name":"Unit 42\u30af\u30e9\u30a6\u30c9\u8105\u5a01\u30ec\u30dd\u30fc\u30c8\u66f4\u65b0: IAM\u306b\u8a2d\u5b9a\u30df\u30b9\u306e\u3042\u308b\u7d44\u7e54\u6570\u306e\u5897\u52a0\u3067\u30af\u30e9\u30a6\u30c9\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u72b6\u6cc1\u306f\u60aa\u5316"}]},{"@type":"WebSite","@id":"https:\/\/unit42.paloaltonetworks.com\/#website","url":"https:\/\/unit42.paloaltonetworks.com\/","name":"Unit 42","description":"Palo Alto Networks","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/unit42.paloaltonetworks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ja"},{"@type":"Person","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/6f4153adb969c91f103a21af22c5d1de","name":"Nathaniel Quist","image":{"@type":"ImageObject","inLanguage":"ja","@id":"https:\/\/unit42.paloaltonetworks.com\/#\/schema\/person\/image\/e1c6c4d2290a309ae8265f45775289cd","url":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2025\/09\/Nathaniel-Quist_Headshot-Insights-300x300.png","contentUrl":"https:\/\/unit42.paloaltonetworks.com\/wp-content\/uploads\/2025\/09\/Nathaniel-Quist_Headshot-Insights-300x300.png","caption":"Nathaniel Quist"},"description":"Nathaniel Quist is the Manager of the Cloud Threat Intelligence Team for Cortex Cloud, where he collaborates with 
the Cortex and Unit 42 researchers to track threat actors targeting cloud platforms and services. He holds a Master of Science in Information Security Engineering from The SANS Institute and has authored several publications for Palo Alto Networks' Unit 42, Prisma Cloud, and the SANS InfoSec Reading Room. Outside of cloud threats, he enjoys puzzles, blockchain, and ranching.","url":"https:\/\/unit42.paloaltonetworks.com\/ja\/author\/nathaniel-quist\/"}]}},"_links":{"self":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/120080","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/users\/317"}],"replies":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/comments?post=120080"}],"version-history":[{"count":3,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/120080\/revisions"}],"predecessor-version":[{"id":120083,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/posts\/120080\/revisions\/120083"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media\/134260"}],"wp:attachment":[{"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/media?parent=120080"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/categories?post=120080"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/tags?post=120080"},{"taxonomy":"product_categories","embeddable":true,"href":"https:\/\/unit42.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/product_categories?post=120080"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/unit4
2.paloaltonetworks.com\/ja\/wp-json\/wp\/v2\/coauthors?post=120080"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}