Testing the Waters: First Impressions of CloudTrail Lake
Our first impressions of AWS's new managed audit and security lake that allows you to aggregate, immutably store, and query activity logs....
Tracking Adversaries in AWS Using Anomaly Detection
Here’s how to minimize the impact of a breach by identifying malicious actors’ anomalous behavior and taking action....
SEGA’s Saga of Nearly Compromised Credentials
A look at VPNO’s recent findings of publicly accessible S3 buckets on SEGA’s infrastructure and what we can learn from it....
Protect Your AWS Environment Beyond Patching Log4j
Check out crucial strategic lessons overlooked by enterprises dealing with the recently reported Log4j vulnerability....
How to Start Up Your Cloud Security
Startups may think they can postpone implementing a cloud security program but should in fact take early action — here’s why, and easy steps for doing so....
Not Just Buckets: Are You Aware of ALL Your Public Resources?
A misconfiguration of resource-based policies can inadvertently make resources public. Do you have such misconfigured policies present in your environment?...
How Smart Secrets Storage Can Help You Avoid Cloud Security Risks
The not-so-sensitive locations that may tempt you when storing sensitive information — why to avoid them and how....
Five Strategies for Mitigating Your S3 Misconfiguration Ransomware Threat
Check out these detailed steps to improve ransomware protection of your AWS environment....
The Urgent Threat of Ransomware to S3 Buckets Due to Misconfigurations
Learn all about misconfigurations that can lead to S3 ransomware exposure and the mitigation tools you can leverage to prevent it....
Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
Learn the importance of understanding the assignments of Azure resource roles when giving permissions....
The AWS Shared Responsibility Model: Everything You Need to Know
What the shared responsibility model means, its many challenges & how to protect your cloud infrastructure....
AWS Resource Provisioning with Attribute Based Access Control (ABAC): What You Need To Know
ABAC offers highly dynamic control of the actions that principals can perform on resources, however there are some things you need to pay attention to when using ABAC in order to avoid unnecessary security gaps....