In The News
Featured Research
Categories
Discovered Vulnerabilities
Critical cloud infrastructure vulnerabilities discovered by the Orca Research Pod.
‘Orca Watch’ Series
Blog series that discusses trends and new risks as seen on the Orca platform.
Technical Deep Dives
In-depth, technical articles on cloud security and recommended best practices.
Latest from the Orca Research Pod

Discovered Vulnerabilities
From listKeys to Glory: How We Achieved a Subscription Privilege Escalation and RCE by Abusing Azure Storage Account Keys
Apr 11, 2023

Discovered Vulnerabilities
Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383)
Mar 30, 2023

Amazon Web Services (AWS)
Meet IAM APE: An Open Source Tool to Simplify AWS IAM Policy Management
Mar 09, 2023

‘Orca Watch’ Series
Everything You Didn’t Know About Cross-Account and Cross-Cloud Provider Attacks
Mar 08, 2023

Cloud Risk Encyclopedia
Search 2000+ cloud security risks or filter by cloud vendor, compliance framework, risk category, and criticality. 5 cloud platforms. 100+ compliance frameworks. 18 risk categories. 4 risk levels.