Organizations of all sizes find it challenging to implement security controls across their various cloud environments. In this white paper, we discuss configuration risk factors for cloud infrastructure, SaaS, and DevOps, and how to identify and prioritize them.