#Security

The cloud gray zone—secret agents installed by cloud service providers

Wiz Research builds upon previous “OMIGOD” findings with a presentation at RSA Conference 2022; details how cloud middleware use across cloud service providers can expose customers' virtual machines to new attack vectors

Securing AWS Lambda function URLs

Learn about the security risks of misconfigured Lambda function URLs and how to properly secure them.

Addressing the Spring4Shell and CVE-2022-22963 RCE vulnerabilities in cloud environments

Learn how to address Spring4Shell and CVE-2022-22963 RCE vulnerabilities in cloud environments.

5 reasons endpoint security agents are not enough

In this post, we discuss five security limitations of endpoint security agents and also explain how adding agentless solutions can improve your cloud environment security.

Towards a better cloud vulnerability response model

Who is responsible for doing what when a new cloud vulnerability is disclosed? Right now, it can be hard to know.

Log4Shell Meltdown: How to protect your cloud from this critical RCE threat

Log4Shell Meltdown: How to protect your cloud from this critical RCE threat. In this post, we’ll provide a quick overview of Log4Shell: what it is, its impact, and recommendations for security teams.

Security industry call to action: we need a cloud vulnerability database

In the pre-cloud era, the responsibility for security was fully in the hands of the users. As we uncover new types of vulnerabilities, we discover more and more issues that do not fit the current model. Solution: we need a centralized cloud vulnerabilities database.

How to Protect Your Cloud Environment from Supply Chain Attacks

Learn how to protect your cloud environment from supply chain attacks.