Research Pod Archives | Page 3 of 8

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Research

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

It will come as no surprise that Kubernetes deployments are growing exponentially across many industries. According to the Cloud Native...

Roi Nisimi

Aug 27, 2024

Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6

‘Orca Watch’ Series

Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6

Microsoft recently advised of a critical TCP/IP Remote Code Execution Vulnerability dubbed CVE 2024-38063, which is a critical unauthenticated Remote...

Roi Nisimi

Aug 19, 2024

Meet AI Goat: The First Open Source AI Security Learning Environment Based on the OWASP Top 10 ML Risks

Technical Deep Dives

Meet AI Goat: The First Open Source AI Security Learning Environment Based on the OWASP Top 10 ML Risks

We’re excited to announce that the Orca Research Pod has launched AI Goat, the first open source AI security hands-on...

Ofir Yakobi Shir Sadon

Aug 08, 2024

Why You Should Disable Your Unauthenticated Read-only Ports On GKE Kubelet Servers

Research

Why You Should Disable Your Unauthenticated Read-only Ports On GKE Kubelet Servers

On July 26th, Google sent their Google Kubernetes Engine (GKE) customers an email about the fact that they identified an...

Yonatan Broder

Aug 02, 2024

Addressing CrowdStrike on Cloud VMs in AWS with Automated Remediation

‘Orca Watch’ Series

Addressing CrowdStrike on Cloud VMs in AWS with Automated Remediation

Remediating an issue like today’s outage on Windows machines with the CrowdStrike Falcon Sensor at cloud scale can be particularly...

Tohar Braun

Jul 19, 2024

The Five Most Common AI Model Risks and How to Prevent Them

Technical Deep Dives

The Five Most Common AI Model Risks and How to Prevent Them

It’s hard to ignore how GenAI has already become an integral part of our daily lives, with people using LLMs...

Bar Kaduri

Jul 18, 2024

Critical CVE-2024-4577: PHP CGI Argument Injection Vulnerability

Orca Platform

Critical CVE-2024-4577: PHP CGI Argument Injection Vulnerability

On June 6th, researchers from Shadowserver, a nonprofit security organization, discovered a heavily exploited vulnerability in PHP servers running on...

Yonatan Yosef

Jun 13, 2024

LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs

Discovered Vulnerabilities

LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs

Table of contentsExecutive Summary:What are Azure, Gcloud and AWS CLI?Exposure of Serverless environment variablesAWS CLI LeakageGcloud CLI LeakageExploitation Proof of...

Roi Nisimi

Apr 16, 2024

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

Technical Deep Dives

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

Table of contentsBuilding the vulnerable scenariosScenario 1: Web application vulnerabilityScenario 2: CI/CD server vulnerabilityAutomated vulnerability detection using Nuclei templatesScenario 1:...

Ofir Yakobi

Apr 03, 2024

Research Pod

Kubernetes Testing Environment: An Open Source Resilience Platform for EKS, GKE and AKS

Mitigating CVE 2024-38063: Critical RCE Vulnerability On Windows Systems With IPv6

Meet AI Goat: The First Open Source AI Security Learning Environment Based on the OWASP Top 10 ML Risks

Why You Should Disable Your Unauthenticated Read-only Ports On GKE Kubelet Servers

Addressing CrowdStrike on Cloud VMs in AWS with Automated Remediation

The Five Most Common AI Model Risks and How to Prevent Them

Critical CVE-2024-4577: PHP CGI Argument Injection Vulnerability

LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs

Leveraging Nuclei Templates to Identify Risks and Threats in Critical Cloud Applications

See Orca Security in Action

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons