Tracking Adversaries in AWS using Anomaly Detection, Part 2
Going through the cyber “kill chain” with Pacu and using automated analysis to detect anomalous behavior
By Lior Zatlavi
Tracking Adversaries in AWS using Anomaly Detection, Part 1
Minimizing the impact of a breach by identifying malicious actors’ anomalous behavior and taking action.
By Lior Zatlavi
SEGA’s Saga of Nearly Compromised Credentials
A look at VPNO’s recent findings of publicly accessible S3 buckets on SEGA’s infrastructure and what we can learn from it.
By Lior Zatlavi
Protect Your AWS Environment Beyond Patching Log4j
The crucial strategic lessons overlooked by enterprises dealing with the recently reported Log4j vulnerability.
By Lior Zatlavi
Not Just Buckets: Are You Aware of ALL Your Public Resources?
A misconfiguration of resource based policies can inadvertently make resources public. Do you have such misconfigured policies present in your environment?
By Lior Zatlavi
Don’t Hide Your Secrets in Plain Sight
The not-so-sensitive locations that may tempt you when storing sensitive information -- why to avoid them and how
By Lior Zatlavi
The Urgent Threat of Ransomware to S3 Buckets Due to Misconfigurations
Misconfigurations that can lead to S3 ransomware exposure and the mitigation tools you can leverage to prevent it
By Lior Zatlavi
Five Strategies for Mitigating Your S3 Misconfiguration Ransomware Threat
Detailed steps for better ransomware protection of your AWS environment
By Lior Zatlavi
The AWS Shared Responsibility Model: Everything You Need to Know
What the Shared Responsibility model means, its many challenges & how to protect your cloud infrastructure.
By Ermetic Team
AWS Resource Provisioning with Attribute Based Access Control (ABAC) – What You Need To Know
What to pay attention to when using ABAC in order to avoid unnecessary security gaps.
By Ermetic Team
AWS Condition Context Keys for Reducing Risk
A Least Privilege cheat sheet on using AWS global condition context keys to achieve least privilege.
By Lior Zatlavi
Least Privilege Policy: Automated Analysis Trumps Native AWS Tools – Ermetic
AWS methods for granting & controlling access, plus native tools for detecting & repairing excessive permissions.
By Lior Zatlavi
AWS’s Access Analyzer Preview Access is Great — But Is It Enough?
Learn the ins and outs of the preview access capability in Access Analyzer.
By Lior Zatlavi
Keep Your IAM Users Close, Keep Your Third Parties Even Closer – Part 1
Part 1 on third-party access configuration and control, and how it can go sideways with IAM permissions.
By Ermetic Team
Keep Your IAM Users Close, Keep Your Third Parties Even Closer – Part 2
Part 2 explores best practices against third-party access risk and how automated analysis can help.
By Ermetic Team
Auditing PassRole: A Problematic Privilege Escalation Permission
How to determine which identities need iam:PassRole to help enforce “use it or lose it” least-privilege.
By Noam Dahan
The AWS Managed Policies Trap
The “AWS Managed Policies Trap” and how to escape using automated analysis of environment configuration and activity logs.
By Ermetic Team
Who Holds the Keys to the Kingdom? (Part 2 of 2)
Part 2 takes a look at sensitive AWS Resources – secret strings and keys used in AWS.
By Ermetic Team
Who Holds the Keys to the Kingdom? (Part 1 of 2)
Part 1 of a series takes a look at sensitive AWS Resources - secret strings and keys used in AWS.
By Ermetic Team
AWS Identity Federation and Least Privilege – Friends or Foes?
How to address the challenges in basic and advanced implementations of AWS federation.
By Ermetic Team