Blog

English posts

Medium
How Attackers Can Abuse IAM Roles Anywhere for Persistent AWS Access
25 Aug 2024

How Attackers Can Abuse IAM Roles Anywhere for Persistent AWS Access
Medium
Gaining AWS Persistence by Updating a SAML Identity Provider
25 Aug 2024

Gaining AWS Persistence by Updating a SAML Identity Provider
Medium
Discover New CloudTrail Logs on TrailDiscover, Powered by Grimoire!
25 Aug 2024

Discover New CloudTrail Logs on TrailDiscover, Powered by Grimoire!
Medium
Discover New CloudTrail Logs on TrailDiscover, Powered by Grimoire!
25 Aug 2024

Discover New CloudTrail Logs on TrailDiscover, Powered by Grimoire!
Medium
Automating Incident Response in AWS: Blocking a Compromised Identity Center User
03 Jun 2024

Automating Incident Response in AWS: Blocking a Compromised Identity Center User
Medium
Deterring Attackers with HoneyTrail: Deploying Deception in AWS
12 May 2024

Deterring Attackers with HoneyTrail: Deploying Deception in AWS
Medium
What’s New in TrailDiscover: Integrating Permissions Information, Alerting, and Simulations
06 Apr 2024

What’s New in TrailDiscover: Integrating Permissions Information, Alerting, and Simulations
Medium
Introducing TrailDiscover: Simplifying Access to Security Insights about CloudTrail Events
03 Mar 2024

Introducing TrailDiscover: Simplifying Access to Security Insights about CloudTrail Events
Medium
Cybersecurity — It’s All About Trust
30 Dec 2023

Cybersecurity — It’s All About Trust
Medium
Enhancing AWS GuardDuty Alerts with GuardDutyInsightfulAlerts
06 Dec 2023

Enhancing AWS GuardDuty Alerts with GuardDutyInsightfulAlerts
Medium
Lambda Extensions: Exploring Misuse Scenarios and Stratus Red Team Module Development
15 Nov 2023

Lambda Extensions: Exploring Misuse Scenarios and Stratus Red Team Module Development
Medium
Rigging the Rules: Manipulating AWS ALB to Mine Sensitive Data
24 Oct 2023

Rigging the Rules: Manipulating AWS ALB to Mine Sensitive Data
Medium
Distorting the Sync: How AWS AppSync Can Be Turned into an Attacker’s Backdoor
3 Oct 2023

Distorting the Sync: How AWS AppSync Can Be Turned into an Attacker’s Backdoor
Medium
How Attackers Can Misuse AWS CloudFront Access to Make It ‘Rain’ Cookies
14 Sep 2023

How Attackers Can Misuse AWS CloudFront Access to Make It ‘Rain’ Cookies
Medium
Ensuring Alert Readiness: Lessons from Schrödinger’s Cat
2 Sep 2023

Ensuring Alert Readiness: Lessons from Schrödinger’s Cat

Medium
What’s Missing in Your Vulnerability Management Strategy? Exploring CVSS, EPSS, KEV, and Beyond.
19 Aug 2023

What’s Missing in Your Vulnerability Management Strategy? Exploring CVSS, EPSS, KEV, and Beyond.
Medium
Are You Just Checking Boxes? Turning Compliance into Real Security
7 Aug 2023

Are You Just Checking Boxes? Turning Compliance into Real Security

Medium
When a Storm Hits the Cloud: Learning from the Microsoft Breach
1 Aug 2023

When a Storm Hits the Cloud: Learning from the Microsoft Breach

Medium
Enhancing Security for AWS Static Websites: A PoC Implementation of Honeytokens
22 Jul 2023

Enhancing Security for AWS Static Websites: A PoC Implementation of Honeytokens
Medium
Cybersecurity, Here to Help: Preventing Extra Cognitive Load for Developers
15 Jul 2023

Cybersecurity, Here to Help: Preventing Extra Cognitive Load for Developers
Medium
Analyzing the SCARLETEEL Attack: Proposed Alerts for Early Detection and Response
04 Mar 2023

Analyzing the SCARLETEEL Attack: Proposed Alerts for Early Detection and Response
Medium
Learning from the CircleCI incident with a tabletop exercise
30 Jan 2023

Learning from the CircleCI incident with a tabletop exercise
Medium
Cybersecurity — It’s all about risks
13 Oct 2022

Cybersecurity — It’s all about risks
See All Posts