Tohar Braun, Author at Orca Security

OWASP Non-Human Identities Top 10:Forging a New Standard in Cloud Security

Research

OWASP Non-Human Identities Top 10:Forging a New Standard in Cloud Security

Table of contentsWhat is the OWASP Non-Human Identities Top 10 Project?A deep dive into the NHI Top 101. NHI1:2025 -...

Bar Kaduri Tohar Braun

Jan 21, 2025

Addressing CrowdStrike on Cloud VMs in AWS with Automated Remediation

‘Orca Watch’ Series

Addressing CrowdStrike on Cloud VMs in AWS with Automated Remediation

Remediating an issue like today’s outage on Windows machines with the CrowdStrike Falcon Sensor at cloud scale can be particularly...

Tohar Braun

Jul 19, 2024

2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes

‘Orca Watch’ Series

2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes

The state of cloud security is a dynamic and ever-evolving landscape, as both attackers and defenders continuously adapt their tactics...

Bar Kaduri Tohar Braun

Jun 20, 2023

Dependency Confusion Supply Chain Attacks: 49% of Organizations Are Vulnerable

Research

Dependency Confusion Supply Chain Attacks: 49% of Organizations Are Vulnerable

In recent years, supply chain attacks targeting software developers and suppliers have become increasingly common. The primary objective of these...

Tohar Braun Lidor Ben Shitrit

May 09, 2023

Meet IAM APE: An Open Source Tool to Simplify AWS IAM Policy Management

Amazon Web Services

Meet IAM APE: An Open Source Tool to Simplify AWS IAM Policy Management

We're excited to announce the release of our new free community cloud security tool IAM AWS Policy Evaluator (IAM APE),...

Tohar Braun

Mar 09, 2023

GCP Organization Policies: Governing Your Inheritance

Google Cloud

GCP Organization Policies: Governing Your Inheritance

A GCP Organization is the top node of the permissions hierarchy, making policies defined at this level powerful, automatically applying...

Tohar Braun

Apr 20, 2022

CVE-2018-25032: Zlib Memory Corruption Vulnerability

‘Orca Watch’ Series

CVE-2018-25032: Zlib Memory Corruption Vulnerability

On March 25, 2022, a PoC was published for the 4-year old CVE-2018-25032 in Zlib open source software that everyone...

Tohar Braun

Mar 29, 2022

Research

Google Cloud Platform IAM

Google’s approach to Identity and Access Management is relatively the most straightforward among the three major cloud providers.

Tohar Braun

Dec 02, 2021

All articles by Tohar Braun

OWASP Non-Human Identities Top 10:Forging a New Standard in Cloud Security

Addressing CrowdStrike on Cloud VMs in AWS with Automated Remediation

2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes

Dependency Confusion Supply Chain Attacks: 49% of Organizations Are Vulnerable

Meet IAM APE: An Open Source Tool to Simplify AWS IAM Policy Management

GCP Organization Policies: Governing Your Inheritance

CVE-2018-25032: Zlib Memory Corruption Vulnerability

Google Cloud Platform IAM

See Orca Security in Action

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons