Identity & IAM
The Conversation No one is Having About Claude Mythos
Mythos finds the vulnerability. Your permissions posture determines the damage. At sufficient scale, Mythos-style breaches are inevitable. Patching matters, but no pipeline keeps pace with thousands of simultaneous zero-days. The relevant question ...
Preventing This Week’s AWS Cryptomining Attacks: Why Detection Fails and Permissions Matter
The recent discovery of a cryptomining campaign targeting Amazon compute resources highlights a critical gap in traditional cloud defense. Attackers are bypassing perimeter defenses by leveraging compromised credentials to execute legitimate but ...
Sandboxed to Compromised: New Research Exposes Credential Exfiltration Paths in AWS Code Interpreters
In my first article on Bedrock AgentCore Code Interpreters, I demonstrated that custom code interpreters can be coerced into performing AWS control plane actions by non-agentic identities. This presented a novel path ...
Cloud Privilege Is a Mess. Legacy PAM Can’t Fix It.
For years, organizations have tried to retrofit Privileged Access Management (PAM) tools into the public cloud. Jump boxes. Vaults. Session recording. Manual provisioning. None of it scales and it doesn’t scratch the ...
Is AWS Access Analyzer a Solution for Unused Identities?
Exploring Practical Steps for Cleaning up Identity Sprawl A lot of security tools act like finding the list of unused identities is the hard part. The reality, however, is that running a ...
There’s a New Way To Do Least Privilege
Least privilege. It’s like a love-hate relationship. Everyone knows it’s a best practice, but no one is achieving it at scale. Why? Because it’s hard to do. The market is constantly trying ...
Defining a Cloud Permissions Firewall
Sonrai recently launched the first-ever Cloud Permissions Firewall – a new class of solution built to more efficiently protect sensitive permissions and access. A new solution class deserves a proper introduction and ...
AWS Service Control Policies (SCPs): A Complete Guide for 2026
The cloud is all about innovation at a speed never before possible. This can often lead to rapid development sprints and a proliferation of identities and infrastructure, and with that, excessive privilege ...
Top 3 Identity Risks In Enterprise Clouds
Reading Time: 6 minutes After months of offering our Cloud Identity Diagnostic – a report detailing what identity and privilege risks are leaving organizations vulnerable to data breach and business disruption, where ...
Multi Cloud Identity Management: How To Address Security Gaps
Multi cloud identity management (IAM) is an increasing reality as a majority of enterprises head towards two or more operating clouds. As businesses expand their cloud estate, the importance of securing identities ...
