‘Orca Watch’ Series
The Top 5 Cloud Security Risks of 2023 (so far)
As we approach the middle of 2023, we thought it an appropriate time to reflect on the cloud security risks...
Blog
Cloud Security Use Cases
Five Best Practices for PCI DSS Compliance in the Cloud
If your organization processes credit card payments, you are probably familiar with PCI DSS, a compliance mandate that was initially...
AWS GuardDuty detects suspicious traffic from an instance with malware
Suspicious traffic was found by AWS GuardDuty service on EC2 instance {AwsEc2Instance} ({AwsEc2Instance.InstanceId}) detected with malware by Orca. AWS GuardDuty...
AWS GuardDuty detects RDP brute force attempts on an exposed unpatched Windows instance
Brute force attempts were detected by AWS GuardDuty service on the Internet facing Unpatched Windows EC2 instance {AwsEc2Instance} ({AwsEc2Instance.InstanceId}). AWS...
S3 Bucket with Policy:S3/BucketBlockPublicAccessDisabled GuardDuty Alert Found
GuardDuty finding was triggered for s3 bucket. It was found that the 'BucketBlockPublicAccessDisabled' feature was disabled for {AwsS3Bucket} bucket. This...
User with Stealth:IAMUser/CloudTrailLoggingDisabled GuardDuty Alert Found
GuardDuty finding was triggered for aws user.
Ec2 with Behavior:EC2/TrafficVolumeUnusual GuardDuty Alert Found
GuardDuty finding was triggered for ec2 instance.
Ec2 with CryptoCurrency:EC2/BitcoinTool.B GuardDuty Alert Found
GuardDuty finding was triggered for ec2 instance.