Cloudtrail is not Enabled in All Regions
AWS CloudTrail is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. Visibility into...
Blog
Azure storage container is publicly accessible
Anonymous, public read access to a container and its blobs can be enabled in Azure Blob storage. It grants read-only...
Potentially Personal Identifying Information found – Email Addresses
Unencrypted email addresses were found on a cloud asset. Exposure to malicious actors can cause harm to not only the...
Users with Console Access do not have MFA Enabled
Multi-Factor Authentication (MFA) adds an extra layer of authentication assurance beyond traditional credentials. With MFA enabled, when a user signs...
SSH Authentication with Username and Password
The SSH configuration on the operation system is set to allow username and password authentication. SSH authentication based on username...
CISO Corner
CISOs Are Still Chiefs in Name Only
It’s all in the title. Chief Information Security Officer (or, if you’re really cool, merely Chief Security Officer)
CISO Corner
The Security User Experience (SUX)
Find out what happens when a CISO tests out the security user experience by purchasing way too many gift cards...
Cloud Security Insights
Why You Should Know the OWASP API Security Top 10
The Open Web Application Security Project (OWASP) API Security Top 10 focuses on understanding and mitigating vulnerabilities and security risks...
Orca Platform
Why Agent-based Security Fails in Rapid Response Scenarios
With the continued adoption of open source software, security teams need to ensure they can quickly and efficiently identify vulnerable...
