• English
  • Contact
  • Support
  • Login
Orca Security Orca Security
  • Platform
    • Back Platform

      Cloud Security Platform

      • SideScanning™ TechnologyComplete cloud coverage without agents
      • Context-Aware SecurityPrioritize the 1% of alerts that matter
      • Built-in ComplianceContinuous compliance with a single platform
      • Automation & CustomizationGet actionable intelligence to the right teams
  • Solutions

    Back Solutions

    Solutions by

    • Use Case
      • Back Use Case

        Use Case

        • Vulnerability ManagementDiscover and prioritize vulnerabilities in the cloud
        • Malware DetectionCloud malware detection with no performance impact
        • MisconfigurationsFix misconfigurations before attackers find them
        • Lateral Movement RiskExpose hidden lateral movement risk
        • Identity and Access ManagementDiscover common and obscure IAM misconfigurations
        • Sensitive Data DetectionLocate misplaced and unprotected sensitive data
        • Shift Left SecurityComprehensive security across the full software development lifecycle
    • Industry
      • Back Industry

        Industry

        • Financial ServicesAgentless multi-cloud security and compliance at scale
        • Technology ServicesFlexible multi-cloud security with unlimited visibility
        • Media & EntertainmentSimplify security and compliance with a single platform
        • HealthcareCloud security and HIPAA compliance
        • RetailSecurity and PCI compliance at cloud scale
    • Role
      • Back Role

        Role

        • DevOpsCloud security that keeps DevOps agile
        • Security PractitionersAgentless security deployed in minutes
        • CISOHolistic cloud security for effective risk management
  • Partners

    Back Partners

    Become a partner
    Join the program ->
      • Partner OverviewHelping partners across the globe grow their business
      • Technology Ecosystem
        • Amazon Web Services
        • Microsoft Azure
        • Google Cloud
  • About

    Back About

    Join our team
    See Open Positions ->
      • Why Orca?What sets us apart
      • About UsSecurity built for the cloud
      • CareersFind your next job at Orca
      • FAQsAll your Orca questions answered
      • Rating & ReviewsSee how Orca is rated by your peers
      • Orca Research PodAdvancing cloud security
      • NewsroomOrca Security news and coverage
      • Media KitOrca Security press materials
      • Contact UsContact Orca Security
  • Resources

    Back Resources

    Cloud Security Risk Assessment Orca Security’s Free Risk Assessment and Trial
    Get started today ->
      • Resource LibraryOrca videos, reports and white papers
      • Product InfoOrca product literature and videos
      • EventsUpcoming Orca events and webinars
      • PodcastHear from IT security leaders
      • BlogExpand your cloud security knowledge
      • Cloud Risk EncyclopediaBrowse information on 1200+ cloud risks
      • ComparisonsHead-to-head comparison of cloud security solutions
      • Case StudiesLearn why customers use and trust Orca
  • Research

    Back Research

    ORCA RESEARCH
    Orca Research Pod Our team advancing cloud security
    Meet our team ->
    Cloud Risk Encyclopedia Browse information on 1200+ cloud risks
    See the latest risks ->
    • FEATURED RESEARCH
      Security Advisory: Insufficient Tenant Separation in Azure Synapse Service Security Advisory: Insufficient Tenant Separation in Azure Synapse Service
      Read the post ->
    • MORE POSTS
      Linux Privilege Escalation Vulnerability in Polkit’s pkexec Bar Kaduri
      Oracle Server Side Request Forgery (SSRF) Metadata Lidor Ben Shitrit
      A Tale About Vulnerability Research and Early Detection Yanir Tsarimi
      See all research ->
  • Test Drive
  • Watch Demo
View more results

All articles by Lidor Ben Shitrit

Protestware malicious code found in NPM package node-ipc in Russia / Belarus, overwriting entire file systems with heart emojis to symbolize peace.

Blog

Open Source Package Risks in Cloud Environments and How It Relates to the Russian-Ukrainian Conflict

Lidor Ben Shitrit

Lidor Ben Shitrit Apr 27, 2022

Orca researcher Lidor Ben Shitrit reveals how Log4 shell TTPs in an AWS cloud environment can be used to open up a Log4j security vulnerability

Research Pod

Unfolding the Log4j Security Vulnerability and Log4shell TTPs in AWS

Lidor Ben Shitrit

Lidor Ben Shitrit Apr 13, 2022

A misconfigured service can play a crucial role in facilitating a Server Side Request Forgery (SSRF) attack. Oracle SSRF metadata can help predict it.

Blog

Oracle Server Side Request Forgery (SSRF) Metadata

Lidor Ben Shitrit

Lidor Ben Shitrit Feb 08, 2022

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.
  • Platform
    • CLOUD SECURITY PLATFORM
      • SideScanning™ Technology
      • Context-Aware Security
      • Built-in Compliance
      • Automation & Customization
    • TECHNOLOGY ECOSYSTEM
      • Amazon Web Services
      • Microsoft Azure
      • Google Cloud Platform
  • Solutions
    • By Use Case
      • Vulnerability Management
      • Malware Detection
      • Misconfigurations
      • Lateral Movement Risk
      • IAM Risk
      • Sensitive Data Detection
      • Shift Left Security
    • By Industry
      • Financial Services
      • Technology Services
      • Media & Entertainment
      • Healthcare
      • Retail
  • Resources
    • Resources
      • Library
      • Product Info
      • Podcast
      • Case Studies
      • Cloud Risk Encyclopedia
      • Blog
      • Events
    • COMPARISONS
      • Cloud Security Posture Managers (CSPM)
      • Prisma Cloud Security
      • Qualys Cloud Agent
      • Twistlock Container Security
      • Redlock Palo Alto
      • Rapid7 InsightVM
      • Check Point CloudGuard Dome9
  • Company
    • Company
      • About
      • Partners
      • Reviews
      • Orca Research Pod
      • Careers
      • Newsroom
      • Media Kit
      • FAQs
    • Contact
      • Support
      • Login
  • Stay in touch

    Get cloud security insights
    and the latest Orca news


Orca Security

©2022 Orca Security. All rights reserved.

  • Privacy Policy
  • Terms of Use