It’s a new beginning! Ermetic is now Tenable Cloud Security.

SolarWinds Hack Poses Risk to Cloud Services’ API keys and IAM Identities

In a recent blog post, Noam Dahan, a Senior Security Researcher at Ermetic, discussed the aftermath of the SolarWinds breach and how until now, the discussion has been focused on on-premise risks. But the cloud is not immune; the SolarWinds Orion supply chain hack also endangers Amazon Web Services and Microsoft Azure API keys and […]

Tenable Cloud Security By Tenable Cloud Security
SolarWinds Hack Poses Risk to Cloud Services’ API keys and IAM Identities

In a recent blog post, Noam Dahan, a Senior Security Researcher at Ermetic, discussed the aftermath of the SolarWinds breach and how until now, the discussion has been focused on on-premise risks. But the cloud is not immune; the SolarWinds Orion supply chain hack also endangers Amazon Web Services and Microsoft Azure API keys and the accounts they belong to.

SC Media recently wrote an interesting follow up to Noam's article and included input from Tim Bach of AppOmni, Travis Smith of Qualys and Jim Reavis, CEO of the Cloud Security Alliance.

In his article, Bradley Barth quoted Dahan:

Companies should take steps to make credential changes and identify all exposed credentials. But there’s a problem: the Orion interface “does not actually display all stored credentials,” which complicates efforts on the part of affected companies to “track the extent of the exposure,” said Dahan.

Read the full article in SC Media now.

  • Start a free trial

    See how Tenable Cloud Security can help secure your data.

    Start Now
    • Skip to content