Exfiltrated, Signed, Delivered – What Can Go Wrong When an Amazon Elastic Compute Cloud (EC2) Instance is Exposed to SSRF
New CNAPPgoat scenario makes experimentation easy by triggering calls to AWS service from an EC2 instance exposed to SSRF
What’s New with CNAPPgoat?
Read about the newest, expanded features in the Ermetic [now Tenable Cloud Security] open source vulnerable-by-design tool for enhancing your security skills
The Azure Metadata Protection You Didn’t Know Was There
Some Azure services have an additional, not widely known, protection mechanism against session token exfiltration
The Next Step in the IMDSv1 Redemption Journey
Learn about AWS’s new open source library for enforcing IMDSv2 and Tenable Cloud Security’s new lab for trying it out
CNAPPgoat: The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources
All about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments.
The Default Toxic Combination of GCP Compute Engine Instances
By default, compute instances in GCP are prone to a toxic combination that you should be aware of, and can avoid and fix
Terraform Lab: Taking the New VPC Endpoint Condition Keys Out for a Spin
Our new open source Terraform project offers hands-on experience with VPC endpoints and demos AWS's new condition keys for securing EC2 instances
Federating Kubernetes Workloads with Cloud Identities
Your K8s workloads legitimately need access to sensitive cloud resources – federated identities let you grant it easily and securely
A New Incentive for Using AWS VPC Endpoints
If you haven’t been using VPC endpoints until now, AWS's two new condition keys should make you consider doing so
Secure Your AWS EC2 Instance Metadata Service (IMDS)
Read this review of IMDS, an important AWS EC2 service component, to understand its two versions and improve your AWS security
A Caveat for Azure VM Public IP Configuration
If you’re not familiar enough with the SKU attribute of the Azure public IP address, you may think you’re configuring VMs as public to the internet... but aren’t.
How to Minimize Unintended Access and Achieve Least Privilege with Ermetic and AWS
Lior Zatlavi explains how to set up the platform in your environment and get maximum value
IAM Role Trust Update – What You Need to Know
When it comes to assuming roles, AWS is changing an aspect of how trust policy is evaluated; here is a quick digest of what this change may mean to you.
Public Network Access to Azure Resources Is Too Easy to Configure
For some types of Microsoft Azure resources and subnets, it’s extremely easy to configure what is essentially public network access. We describe here some examples and how to reduce such risks.
Five Lessons Every Cybersecurity Team Can Learn from the Uber Incident
Upon hearing of a cyber security incident, alleged or factual, the most productive thing to do is learn what you can from its main lessons
Taking Notice of AWS IAM Roles Anywhere
IAM Roles Anywhere may be a pivotal moment for security — the new service lets you enrich the arsenal of tools at your disposal to improve your AWS security posture.
3 Ways to Reduce the Risk from Misused AWS IAM User Access Keys
Used incorrectly, AWS IAM User Access Keys can pose high risk; the good news is that great alternatives, explored here, exist
The Advanced Risk of Basic Roles In GCP IAM
Basic roles in GCP allow data-level actions, even though at first glance it might seem like they don’t. Avoid using basic roles, and if you must use them, make a special effort to protect any sensitive data you store in your GCP projects.
Identity Access Management in Google Cloud Platform (GCP IAM)
An introduction for anyone getting started with GCP or even experienced professionals who are looking for a structured overview.
Hidden Risk in the Default Roles of Google-Managed Service Accounts
Some Google-managed service accounts are binded by default to a role granting access to storage.objects.read. This hidden risk is (yet another) great reason to use customer-managed KMS keys to encrypt your sensitive data stored in buckets.
Keep Your S3 Safe from CloudTrail Auditors
AWSCloudTrailReadOnlyAccess currently allows s3:GetObject for “*” and s3:ListAllMyBuckets – and reading CloudTrail logs may also give access to bucket object keys. BE CAREFUL!
Tracking Adversaries in AWS using Anomaly Detection, Part 2
Going through the cyber “kill chain” with Pacu and using automated analysis to detect anomalous behavior
Tracking Adversaries in AWS using Anomaly Detection, Part 1
Minimizing the impact of a breach by identifying malicious actors’ anomalous behavior and taking action.
SEGA’s Saga of Nearly Compromised Credentials
A look at VPNO’s recent findings of publicly accessible S3 buckets on SEGA’s infrastructure and what we can learn from it.
Protect Your AWS Environment Beyond Patching Log4j
The crucial strategic lessons overlooked by enterprises dealing with the recently reported Log4j vulnerability.
Not Just Buckets: Are You Aware of ALL Your Public Resources?
A misconfiguration of resource based policies can inadvertently make resources public. Do you have such misconfigured policies present in your environment?
How Smart Secrets Storage Can Help You Avoid Cloud Security Risks
The not-so-sensitive locations that may tempt you when storing sensitive information -- why to avoid them and how
The Urgent Threat of Ransomware to S3 Buckets Due to Misconfigurations
Misconfigurations that can lead to S3 ransomware exposure and the mitigation tools you can leverage to prevent it
Five Strategies for Mitigating Your S3 Misconfiguration Ransomware Threat
Detailed steps for better ransomware protection of your AWS environment
Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
The importance of understanding the assignments of Azure resource roles when giving permissions.
TeamTNT Strikes Again: A Wake-Up Call to Start Securing Cloud Entitlements
Examining the news that TeamTNT is targeting 16 more applications, including Google Cloud.
AWS Condition Context Keys for Reducing Risk
A Least Privilege cheat sheet on using AWS global condition context keys to achieve least privilege.
Least Privilege Policy: Automated Analysis Trumps Native AWS Tools
AWS methods for granting & controlling access, plus native tools for detecting & repairing excessive permissions.
The ABCs of Azure Identity Governance Tools
The main Azure mechanisms for governing identities and providing access permissions.
AWS’s Access Analyzer Preview Access is Great — But Is It Enough?
Learn the ins and outs of the preview access capability in Access Analyzer.
Deconstructing Azure Access Management using RBAC
The basics of Azure RBAC -- the main mechanism in Azure for granting permissions to resources.