Compute Instance with Default Service Account
The Compute Engine default service account is created with the primitive editor role within the project scope. These roles are...
Blog
Lambda function shares its IAM role
AWS lambda function {AwsLambdaFunction} does not follow the principle of least privilege, and shares its IAM role with another function.
IAM Role with Administrative Privileges
Orca has detected that the role {AwsIamRole} was granted full administrative privileges on the account. These privileges grant them the...
Azure Storage Account without private endpoint and firewall configured
In the storage account creation process, there are three connectivity methods: Public for all networks, Public for specified networks or...
Kubernetes API server publicly accessible
The API server of {GcpGkeCluster} is publicly accessible from anywhere on the internet. This leaves the Kubernetes API server exposed...
AWS Dynamodb table with provisioned capacity mode and disabled read/write autoscaling
It was detected that the read/write autoscaling of DynamoDB table ({AwsDynamodbTable}) is disabled. Amazon DynamoDB auto scaling uses the AWS...
Orca Platform
API Security: Expanding Coverage to Better Identify External API Exposure
API Security has risen to the top of the priorities list for CISOs and security teams. As misconfigured APIs have...
Life at Orca
Pod Spotlight: George Mathew
Life at Orca Security revolves around the Pod - the people who have joined Orca’s mission to make the cloud...
