Research
OWASP Non-Human Identities Top 10:Forging a New Standard in Cloud Security
Table of contentsWhat is the OWASP Non-Human Identities Top 10 Project?A deep dive into the NHI Top 101. NHI1:2025 -...
All articles by Tohar Braun
‘Orca Watch’ Series
Addressing CrowdStrike on Cloud VMs in AWS with Automated Remediation
Remediating an issue like today’s outage on Windows machines with the CrowdStrike Falcon Sensor at cloud scale can be particularly...
‘Orca Watch’ Series
2023 Honeypotting in the Cloud Report: Attackers Discover and Weaponize Exposed Cloud Assets and Secrets in Minutes
The state of cloud security is a dynamic and ever-evolving landscape, as both attackers and defenders continuously adapt their tactics...
Research
Dependency Confusion Supply Chain Attacks: 49% of Organizations Are Vulnerable
In recent years, supply chain attacks targeting software developers and suppliers have become increasingly common. The primary objective of these...
Amazon Web Services
Meet IAM APE: An Open Source Tool to Simplify AWS IAM Policy Management
We're excited to announce the release of our new free community cloud security tool IAM AWS Policy Evaluator (IAM APE),...
Google Cloud
GCP Organization Policies: Governing Your Inheritance
A GCP Organization is the top node of the permissions hierarchy, making policies defined at this level powerful, automatically applying...
‘Orca Watch’ Series
CVE-2018-25032: Zlib Memory Corruption Vulnerability
On March 25, 2022, a PoC was published for the 4-year old CVE-2018-25032 in Zlib open source software that everyone...
Research
Google Cloud Platform IAM
Google’s approach to Identity and Access Management is relatively the most straightforward among the three major cloud providers.
Personalized Demo
See Orca Security in Action
Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.