Why Privileged Access Management (PAM) Fails Cloud Infrastructure…and What to do About it
June 20, 2021PAM, its challenges for AWS, GCP and Azure environments — and CIEM as a solution.
Using AWS Condition Context Keys to Reduce Risk: A Least Privilege Cheat Sheet
May 25, 2021As strong advocates of least privilege, we believe these AWS keys can be quite effective — if they can be easily understood. Here’s a handy guide.
Least Privilege Policy: Automated Analysis Trumps Native AWS Tools
May 18, 2021Here’s what you need to know about AWS methods for granting and controlling access, plus native tools for detecting and repairing excessive permissions.
The ABCs of Azure Identity Governance Tools
April 12, 2021Discover the main Azure mechanisms for governing identities and providing access permissions.
AWS’s Access Analyzer Preview Access is Great — But Is It Enough?
March 16, 2021Learn the ins and outs of the preview access capability in Access Analyzer.
Deconstructing Azure Access Management using RBAC
March 10, 2021Take a focused look at the basics of Azure RBAC (role based access control) -- the main mechanism in Azure for granting permissions to resources. Familiarize you with Azure AD identities and find out how to grant them access to your organization’s resources.
Keep Your IAM Users Close, Keep Your Third Parties Even Closer
January 28, 2021Technical and legal controls that you take for granted when managing cybersecurity policy within your organization are usually out of reach when a third party is compromised.
Auditing iam:PassRole: A Problematic Privilege Escalation Permission
January 13, 2021How to determine which identities need iam:PassRole to help enforce “use it or lose it” least privilege.
Cloud infrastructure is not immune from the SolarWinds Orion breach
December 23, 2020Organizations exposed to the SolarWinds breach must identify exposed credentials and rotate them asap.
The AWS Managed Policies Trap
December 20, 2020These policies are simultaneously appealing and dangerous. Here’s how to use automated analysis of environment configuration and activity logs to avoid getting caught in the trap.
Who Holds the Keys to the Kingdom?
November 15, 2020Take a closer look at sensitive AWS Resources:secret strings and keys used in AWS, learn about the Resources and access control mechanisms relevant to them, delve into the challenges of tracking the permissions granted to them, and see ways in which automating analysis of environment configuration and logs in AWS can help.
AWS Identity Federation and Least Privilege – Friends or Foes?
October 7, 2020Learn how to address the challenges in basic and advanced implementations of AWS federation.