AWS EC2 instance allows public ingress access on Redis port 6379
Redis is a caching service to store application related information which is sensitive and confidential. Allowing inbound traffic from external...
Blog
Cloud function without HTTPS Trigger
GCP cloud function {GcpCloudFunction} was detected running without HTTPS trigger, allowing unauthenticated invocation by default.
AWS EC2 instance allows public ingress access on LDAP port 389
LDAP (Lightweight Directory Access Protocol) is used to connect to directory services for user authentication and retrieval. Allowing Inbound traffic...
Asset Configuration
The asset {asset_name} ({asset_id}) is configured to use instance metadata service version 1 and 2 (Metadata_HttpToken = {Metadata_HttpTokens}, not enforcing...
S3 Bucket Object Versioning
Using versioning-enabled S3 buckets will allow you to preserve, retrieve, and restore every version of an S3 object. S3 versioning...
Orca Platform
What is Cloud Infrastructure Entitlements Management? CIEM Explained
As more businesses have embraced modern cloud platforms like Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure,...
Orca Platform
Elevate Cloud Infrastructure Entitlement Management (CIEM) with Analytics & Guided Remediation
As a Cloud-Native Application Protection Platform (CNAPP), the Orca Cloud Security Platform incorporates CIEM to help organizations protect their cloud...
Orca Platform
Why You Should Read Agentless Cloud Security For Dummies
Orca Security is excited to announce that we have partnered with Wiley on the recently published eBook, Agentless Cloud Security...
Cloud Security Insights
Top 5 Cloud Misconfiguration Risks
Discover the top 5 cloud misconfigurations as well as expert tips to help you identify and eliminate security vulnerabilities within...
