Neil Carpenter, Author at Orca Security

POC and Explanation of Critical TeamCity Authentication Bypass Vulnerability (CVE-2024-27198)

‘Orca Watch’ Series

POC and Explanation of Critical TeamCity Authentication Bypass Vulnerability (CVE-2024-27198)

With 84% of vulnerable and exposed TeamCity servers likely already compromised, the recent issue in JetBrains’ TeamCity illustrates how a...

Mar 20, 2024

NVD Update Delays: What to Know and Non-Impact to Orca Security Customers

Orca Platform

NVD Update Delays: What to Know and Non-Impact to Orca Security Customers

The National Vulnerability Database (NVD), a US government repository of standards-based vulnerability data that enables organizations and cybersecurity solutions to...

Mar 19, 2024

Container Security Best Practices: Securing Build to Runtime (and Back)

Cloud Security Learning

Container Security Best Practices: Securing Build to Runtime (and Back)

Table of contentsContainer security across the SDLCSDLC Stage 1: Build stage security best practicesSDLC Stage 2: Deployment challenges and best...

Mar 15, 2024

Breaking Down APT29’s Latest Tactics and How to Defend Against Them

‘Orca Watch’ Series

Breaking Down APT29’s Latest Tactics and How to Defend Against Them

Recently, the US National Security Agency (NSA) joined United Kingdom’s National Cyber Security Center (NCSC) in releasing an advisory detailing...

Mar 14, 2024

Empowering Shift Left Security: Meet the Orca GitLab App

Orca Platform

Empowering Shift Left Security: Meet the Orca GitLab App

The power of integrating security scanning and policy enforcement earlier in the application development lifecycle is tremendous. Orca’s GitHub App...

Feb 22, 2024

Orca Security: A Strong Performer in the 2024 Forrester Wave™ for Cloud Workload Security

Orca Platform

Orca Security: A Strong Performer in the 2024 Forrester Wave™ for Cloud Workload Security

At Orca Security, we’re on a mission to make it fast, easy, and cost effective for organizations to address the...

Feb 08, 2024

How to Protect Against Midnight Blizzard-Style Kill Chains

‘Orca Watch’ Series

How to Protect Against Midnight Blizzard-Style Kill Chains

Last week, Microsoft revealed that the Russia-based threat actor group known as Midnight Blizzard, Cozy Bear, and APT29 had compromised...

Jan 30, 2024

Vulnerability Mismanagement: Why Patch Faster, Fix Faster Is a Broken Model

Cloud Security Use Cases

Vulnerability Mismanagement: Why Patch Faster, Fix Faster Is a Broken Model

Eric Goldstein, the executive assistant director for cybersecurity at the US government’s Cybersecurity and Infrastructure Security Agency (CISA), recently said...

Jan 18, 2024

Now What?: Keeping Ahead of the SEC’s Incident and Risk Management Reporting Requirements

Cloud Security Use Cases

Now What?: Keeping Ahead of the SEC’s Incident and Risk Management Reporting Requirements

The recent decision by the US Securities & Exchange Commission to require companies to report on cybersecurity risk and “material”...

Jan 09, 2024

All articles by Neil Carpenter

POC and Explanation of Critical TeamCity Authentication Bypass Vulnerability (CVE-2024-27198)

NVD Update Delays: What to Know and Non-Impact to Orca Security Customers

Container Security Best Practices: Securing Build to Runtime (and Back)

Breaking Down APT29’s Latest Tactics and How to Defend Against Them

Empowering Shift Left Security: Meet the Orca GitLab App

Orca Security: A Strong Performer in the 2024 Forrester Wave™ for Cloud Workload Security

How to Protect Against Midnight Blizzard-Style Kill Chains

Vulnerability Mismanagement: Why Patch Faster, Fix Faster Is a Broken Model

Now What?: Keeping Ahead of the SEC’s Incident and Risk Management Reporting Requirements

See Orca Security in Action

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons