Exfiltrated, Signed, Delivered – What Can Go Wrong When an Amazon Elastic Compute Cloud (EC2) Instance is Exposed to SSRF
New CNAPPgoat scenario makes experimentation easy by triggering calls to AWS service from an EC2 instance exposed to SSRF The post Exfiltrated, Signed, Delivered – What Can Go Wrong When an Amazon Elastic Compute Cloud (EC2) Instance is Exposed to SSRF appeared first on Ermetic ... Read More
Exfiltrated, Signed, Delivered – What Can Go Wrong When an Amazon Elastic Compute Cloud (EC2) Instance is Exposed to SSRF
New CNAPPgoat scenario makes experimentation easy by triggering calls to AWS service from an EC2 instance exposed to SSRF The post Exfiltrated, Signed, Delivered – What Can Go Wrong When an Amazon Elastic Compute Cloud (EC2) Instance is Exposed to SSRF appeared first on Tenable Cloud Security ... Read More
What’s New with CNAPPgoat?
Read about the newest, expanded features in Ermetic’s open source vulnerable-by-design tool for enhancing your security skills The post What’s New with CNAPPgoat? appeared first on Ermetic ... Read More
The Azure Metadata Protection You Didn’t Know Was There
Some Azure services have an additional, not widely known, protection mechanism against session token exfiltration The post The Azure Metadata Protection You Didn’t Know Was There appeared first on Ermetic ... Read More
The Next Step in the IMDSv1 Redemption Journey
Learn about AWS’s new open source library for enforcing IMDSv2 and Ermetic’s new lab for trying it out The post The Next Step in the IMDSv1 Redemption Journey appeared first on Ermetic ... Read More
CNAPPgoat: The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources
All about CNAPPgoat, our open-source project designed to modularly provision vulnerable-by-design components in cloud environments. The post CNAPPgoat: The Multicloud Open-Source Tool for Deploying Vulnerable-by-Design Cloud Resources appeared first on Ermetic ... Read More
The Default Toxic Combination of GCP Compute Engine Instances
By default, compute instances in GCP are prone to a toxic combination that you should be aware of, and can avoid and fix The post The Default Toxic Combination of GCP Compute Engine Instances appeared first on Ermetic ... Read More
Terraform Lab: Taking the New VPC Endpoint Condition Keys Out for a Spin
Our new open source Terraform project offers hands-on experience with VPC endpoints and demos AWS's new condition keys for securing EC2 instances The post Terraform Lab: Taking the New VPC Endpoint Condition Keys Out for a Spin appeared first on Ermetic ... Read More
Federating Kubernetes Workloads with Cloud Identities
Your K8s workloads legitimately need access to sensitive cloud resources – federated identities let you grant it easily and securely The post Federating Kubernetes Workloads with Cloud Identities appeared first on Ermetic ... Read More
A New Incentive for Using AWS VPC Endpoints
If you haven’t been using VPC endpoints until now, AWS's two new condition keys should make you consider doing so The post A New Incentive for Using AWS VPC Endpoints appeared first on Ermetic ... Read More