#Security
The cloud gray zone—secret agents installed by cloud service providers
Wiz Research builds upon previous “OMIGOD” findings with a presentation at RSA Conference 2022; details how cloud middleware use across cloud service providers can expose customers' virtual machines to new attack vectors
Securing AWS Lambda function URLs
Learn about the security risks of misconfigured Lambda function URLs and how to properly secure them.
Addressing the Spring4Shell and CVE-2022-22963 RCE vulnerabilities in cloud environments
Learn how to address Spring4Shell and CVE-2022-22963 RCE vulnerabilities in cloud environments.
5 reasons endpoint security agents are not enough
In this post, we discuss five security limitations of endpoint security agents and also explain how adding agentless solutions can improve your cloud environment security.
Towards a better cloud vulnerability response model
Who is responsible for doing what when a new cloud vulnerability is disclosed? Right now, it can be hard to know.
Log4Shell Meltdown: How to protect your cloud from this critical RCE threat
Log4Shell Meltdown: How to protect your cloud from this critical RCE threat. In this post, we’ll provide a quick overview of Log4Shell: what it is, its impact, and recommendations for security teams.
Security industry call to action: we need a cloud vulnerability database
In the pre-cloud era, the responsibility for security was fully in the hands of the users. As we uncover new types of vulnerabilities, we discover more and more issues that do not fit the current model. Solution: we need a centralized cloud vulnerabilities database.
How to Protect Your Cloud Environment from Supply Chain Attacks
Learn how to protect your cloud environment from supply chain attacks.