Tenable Cloud Security Blog: Identity-First Best Practices & Insights

Exfiltrated, Signed, Delivered – What Can Go Wrong When an Amazon Elastic Compute Cloud (EC2) Instance is Exposed to SSRF

New CNAPPgoat scenario makes experimentation easy by triggering calls to AWS service from an EC2 instance exposed to SSRF

By Lior Zatlavi Oct 04, 2023

Building Custom Scenarios with CNAPPgoat

You can now construct and import your own vulnerability scenarios into…

By Noam Dahan Sep 27, 2023

The MGM Breach and the Role of IdP in Modern Cyber…

A deep dive into the recent MGM breach and our insights into the actor…

By Igal Gofman Sep 21, 2023

What’s New with CNAPPgoat?

Read about the newest, expanded features in the Ermetic [now Tenable C…

By Lior Zatlavi Sep 14, 2023

3 Cloud IAM Security Questions You Must Be Able to Answer

It doesn’t matter if it’s AWS, GCP or Azure IAM, cloud deployment is redefining the work of IAM professionals

By Tenable Cloud Security Mar 01, 2022

3 Types of Cyber Attackers: Which Organizations Do They Target?

Is an attacker interested in your organization? Probably. Deconstructing the PoV of cyber attackers is key to defending your turf.

By Tenable Cloud Security Jul 28, 2022

3 Ways to Reduce the Risk from Misused AWS IAM User Access Keys

Used incorrectly, AWS IAM User Access Keys can pose high risk; the good news is that great alternatives, explored here,…

By Lior Zatlavi Aug 10, 2022

Stronger Together: Writing a New Chapter in Cloud Security

We’re excited to share that Tenable has announced intent to acquire Ermetic.

By Shai Morag Sep 07, 2023

The Benefits of Cloud Entitlement Management

Cloud identities and entitlements pose grave challenges – learn about the benefits of CIEM solutions and KPIs for measuring them

By Diane Benjuya Aug 30, 2023

CNAPPgoat: The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources

All about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments.

By Lior Zatlavi Aug 02, 2023

The Next Step in the IMDSv1 Redemption Journey

Learn about AWS’s new open source library for enforcing IMDSv2 and Tenable Cloud Security’s new lab for trying it out

By Lior Zatlavi Aug 17, 2023

Sometimes What Sounds Benign Can Bite You: An Unexpected Implication of Lambda Privileges

Learn how an AWS service usage and permissions combination discovered by Ermetic [now Tenable Cloud Security] may increase risk upon…

By Tenable Cloud Security Jul 04, 2023

Terraform Lab: Taking the New VPC Endpoint Condition Keys Out for a Spin

Our new open source Terraform project offers hands-on experience with VPC endpoints and demos AWS’s new condition keys for securing…

By Lior Zatlavi Apr 03, 2023

The Azure Metadata Protection You Didn’t Know Was There

Some Azure services have an additional, not widely known, protection mechanism against session token exfiltration

By Lior Zatlavi Sep 11, 2023

Uncovering 3 Azure API Management Vulnerabilities – When Good APIs Go Bad

Learn how now-patched Azure API Management service vulnerabilities revealed by our research team enabled malicious actions

By Liv Matan May 04, 2023

EmojiDeploy: Smile! Your Azure web service just got RCE’d ._.

The Ermetic [now Tenable Cloud Security] research team discovered a remote code execution vulnerability affecting Function Apps, App Service, Logic…

By Liv Matan Jan 19, 2023

Latest

Cloud

Start a free trial

AWS

Subscribe for updates

Azure

Missed a webinar?

GCP