Keep Your S3 Safe from CloudTrail Auditors
February 3, 2022AWSCloudTrailReadOnlyAccess currently allows s3:GetObject for “*” and s3:ListAllMyBuckets. And reading CloudTrail logs may also give access to bucket object keys. Be careful!
Wayward Sheriffs and Confused Deputies: Risks in GCP Third Party Access
February 1, 2022Most GCP third-party vendors ask for permanent service account keys for access -- increasing credential leakage risk. Used correctly, short-lived credentials offer a secure alternative.
Testing the Waters: First Impressions of CloudTrail Lake
January 13, 2022Our first impressions of AWS's new managed audit and security lake that allows you to aggregate, immutably store, and query activity logs.
Tracking Adversaries in AWS Using Anomaly Detection
January 11, 2022Here’s how to minimize the impact of a breach by identifying malicious actors’ anomalous behavior and taking action.
SEGA’s Saga of Nearly Compromised Credentials
January 6, 2022A look at VPNO’s recent findings of publicly accessible S3 buckets on SEGA’s infrastructure and what we can learn from it.
Protect Your AWS Environment Beyond Patching Log4j
December 29, 2021Check out crucial strategic lessons overlooked by enterprises dealing with the recently reported Log4j vulnerability.
How to Start Up Your Cloud Security
December 9, 2021Startups may think they can postpone implementing a cloud security program but should in fact take early action — here’s why, and easy steps for doing so.
Not Just Buckets: Are You Aware of ALL Your Public Resources?
November 23, 2021A misconfiguration of resource-based policies can inadvertently make resources public. Do you have such misconfigured policies present in your environment?
How Smart Secrets Storage Can Help You Avoid Cloud Security Risks
November 3, 2021The not-so-sensitive locations that may tempt you when storing sensitive information — why to avoid them and how.
Five Strategies for Mitigating Your S3 Misconfiguration Ransomware Threat
October 7, 2021Check out these detailed steps to improve ransomware protection of your AWS environment.
The Urgent Threat of Ransomware to S3 Buckets Due to Misconfigurations
October 7, 2021Learn all about misconfigurations that can lead to S3 ransomware exposure and the mitigation tools you can leverage to prevent it.
Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
August 10, 2021Learn the importance of understanding the assignments of Azure resource roles when giving permissions.