VM Instance Using the Default Service Account
It is recommended to configure your instance to not use the default Compute Engine service account because it has the...
All articles by Orca Security
Role Can be Assumed by External Identity
Orca has detected a IAM Role which can be assumed by an entity which is not a member of the...
Externally Exposed AMI
We found that your Amazon Machine Image (AMI) {AwsEc2Image} is public. A public AMI is available for use by all...
S3 Bucket Allows Public READ Access
Ensure that your S3 buckets content cannot be publicly listed in order to protect against unauthorized access. An S3 bucket...
Unused Credentials Found
AWS IAM users can access AWS resources using different types of credentials, such as passwords or access keys. It is...
Cross-Account Access Without External ID or MFA
Ensure that Amazon IAM roles used to establish a trusted relationship between your AWS account and a third-party entity (also...
Research
Orca Security 2020 State of Virtual Appliance Security Report
This report illuminates major gaps in virtual appliance security, finding many are being distributed with known, exploitable, and fixable vulnerabilities
Cloud Security Insights
Why Detection Rate is the Incorrect Metric
The vast majority of breaches occur when assets aren’t fully protected by existing security solutions. Use these 3 metrics for...
Research
The Top Emerging Cloud Based Security Threats
Traditional security procedures and safeguards are often bypassed in the cloud. Be especially vigilant in monitoring these 6 cloud security...
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.
Chat with Us
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.
Chat with an Orca ExpertNo Slack account required.