• English
  • Search
  • Contact
  • Support
  • Login
    • USA
    • Europe
    • Australia
    • US-Gov
  • The Orca Platform

    Secure cloud infrastructure, workloads, data and identities with our industry-leading agentless platform.

    • Platform Overview
    • Cloud Security Posture Management
      Identify and remediate misconfigurations across clouds
    • Cloud Workload Protection
      Protect VMs, containers, and serverless functions
    • Container and Kubernetes Security
      Scalable security for containers and Kubernetes for every cloud layer
    • Cloud Detection & Response
      24x7 monitoring and response across the entire cloud attack surface
    • Vulnerability Management
      Agentless vulnerability management that prioritizes your most critical risks
    • Cloud Infrastructure Entitlement Management
      Secure cloud identities and entitlements
    • Multi-Cloud Compliance
      Achieve regulatory compliance with frameworks, benchmarks, and custom checks
    • Shift Left Security
      Secure cloud-native apps across the SDLC
    • SideScanning™ Technology
      Our innovative approach provides complete cloud coverage
    • API Security
      Complete API discovery, security posture management, and drift detection
  • Case Studies

    Orca Security is trusted by the most innovative companies across the globe.

    • Browse Case Studies

    Industries

    • Financial Services
    • Technology
    • Government
    • Retail
    • Healthcare
    • Media & Entertainment

    User Roles

    • CISO
    • Security Architect
    • DevOps

    Orca Delivers Near Real-Time Cloud Security Visibility to FourKites.

    Read Case Study

    Insurance Innovator Lemonade Goes from 0 to 100% Cloud Visibility with Orca Security.

    Read Case Study

  • Our Partners

    Our team is extended and strengthened by our strong partnerships across the Cloud Security ecosystem.

    • Partner Overview
    • Join the Program
    • Amazon Web Services
    • Microsoft Azure
    • Google Cloud
    • Alibaba Cloud
  • Orca Research Pod

    Our expert security research team discovers and analyzes cloud risks and vulnerabilities to strengthen the Orca platform.

    • See Our Latest Discoveries

    Orca Research

    How Orca Found SSRF Vulnerabilities in Four Different Azure Services

    CosMiss: Azure Cosmos DB Notebook Remote Code Execution Vulnerability

    Cloud Risk Encyclopedia - Browse Thousands of Cloud Risks

  • Resource Library

    Download and view eBooks, whitepapers, videos and more in our packed Resource Library.

    • Browse Resources

    Blog

    Read Cloud Security thought leadership, how-to's, and insightful posts from Orca Security experts.

    • Browse Blogs
    • Cloud Risk Encyclopedia
    • Product Articles & Videos
    • Comparisons
    • Events
    • Podcasts
    • Customer Support
  • Our Customers

    Orca Security is trusted by the most innovative companies across the globe.

    • Browse Case Studies
    • Why Orca
    • About Us
    • Newsroom
    • Ratings & Reviews
    • Media & Press
    • Careers
    • FAQs
    • Contact Us
  • English
  • Search
  • Contact
  • Support
  • Login
    • USA
    • Europe
    • Australia
    • US-Gov
  • Free Trial
  • Get Demo
View more results

All articles by Lidor Ben Shitrit

Blog

How Orca Found Server-Side Request Forgery (SSRF) Vulnerabilities in Four Different Azure Services

Lidor Ben Shitrit

Lidor Ben Shitrit Jan 17, 2023

Blog

Unauthenticated SSRF Vulnerability on Azure Digital Twins Explorer

Lidor Ben Shitrit

Lidor Ben Shitrit Jan 17, 2023

Blog

Unauthenticated SSRF Vulnerability on Azure Functions

Lidor Ben Shitrit

Lidor Ben Shitrit Jan 17, 2023

Blog

Authenticated SSRF Vulnerability on Azure API Management Service

Lidor Ben Shitrit

Lidor Ben Shitrit Jan 17, 2023

Blog

Authenticated SSRF Vulnerability on Azure Machine Learning Service

Lidor Ben Shitrit

Lidor Ben Shitrit Jan 17, 2023

Orca Security Critical Cloud Security Threat update

Blog

Supply Chain Attack: CTX Account Takeover and PHPass Hijack Explained

Lidor Ben Shitrit

Lidor Ben Shitrit Jun 13, 2022

Protestware malicious code found in NPM package node-ipc in Russia / Belarus, overwriting entire file systems with heart emojis to symbolize peace.

Blog

Open Source Package Risks in Cloud Environments and How It Relates to the Russian-Ukrainian Conflict

Lidor Ben Shitrit

Lidor Ben Shitrit Apr 27, 2022

Orca researcher Lidor Ben Shitrit reveals how Log4 shell TTPs in an AWS cloud environment can be used to open up a Log4j security vulnerability

Blog

Unfolding the Log4j Security Vulnerability and Log4shell TTPs in AWS

Lidor Ben Shitrit

Lidor Ben Shitrit Apr 13, 2022

A misconfigured service can play a crucial role in facilitating a Server Side Request Forgery (SSRF) attack. Oracle SSRF metadata can help predict it.

Blog

Oracle Server Side Request Forgery (SSRF) Metadata

Lidor Ben Shitrit

Lidor Ben Shitrit Feb 08, 2022

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.
  • Platform

    • CLOUD SECURITY PLATFORM

      • Platform
      • SideScanning™ Technology
      • Context-Aware Security
      • Built-in Compliance
      • Automation & Customization
    • TECHNOLOGY ECOSYSTEM

      • Amazon Web Services
      • Microsoft Azure
      • Google Cloud Platform
  • Solutions

    • By Solution

      • Malware Detection
      • Vulnerability Management
      • Sensitive Data Detection
      • Container and Kubernetes Security
      • Multi-Cloud Compliance and Security
      • Cloud Security Posture Management (CSPM)
      • CIEM
      • Cloud Workload Protection Platform (CWPP)
      • Cloud Detection and Response (CDR)
      • Shift Left Security
      • API Security
    • By Industry

      • Financial Services
      • Technology Services
      • Media & Entertainment
      • Healthcare
      • Retail
  • Resources

      • Library
      • Product Info
      • Podcast
      • Case Studies
      • Cloud Risk Encyclopedia
      • Blog
      • Events
    • COMPARISONS

      • Cloud Security Posture Managers (CSPM)
      • Prisma Cloud Security 2021
      • Prisma Cloud Security 2022
      • Qualys Cloud Agent
      • Twistlock Container Security
      • Redlock Palo Alto
      • Rapid7 InsightVM
      • Check Point CloudGuard Dome9
  • Company

      • About
      • Partners
      • Reviews
      • Orca Research Pod
      • Careers
      • Newsroom
      • Media Kit
      • FAQs
    • Contact
      • Support
      • Login
  • Stay in touch

    Get cloud security insights
    and the latest Orca news


Orca Security

©2023 Orca Security. All rights reserved.

  • Privacy Policy
  • Terms of Use