CloudGoat walkthrough series: IAM privilege escalation by attachment
This is the fourth in the walkthrough series of the CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security...
Cloud security
CloudGoat walkthrough series: EC2 server-side request forgery (SSRF)
This is the fifth in the walkthrough series of the CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security...
CloudGoat walkthrough series: Remote code execution
This is the sixth in our walkthrough series of CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security...
CloudGoat walkthrough series: Lambda Privilege Escalation
This is the third in our walkthrough series of CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security...
Information security strategy for the hybrid and multi-cloud
Cloud computing is omnipresent, and most organizations are opting for a model that combines several types of cloud infrastructure: private and public cloud...
CloudGoat walkthrough series: Cloud Breach S3
This is the second in the walkthrough series of the CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security...
CloudGoat walkthrough series: IAM privilege escalation by rollback
This is the first in the walkthrough series of the CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security...
Working with CloudGoat: The “vulnerable by design” AWS environment
Many organizations today are leveraging the cloud to transform their business. However, the adoption of cloud technology introduces associated risks, security...
Malicious Amazon Machine Images (AMIs)
As organizations move their infrastructure, data and workload to the cloud, it is important to ensure that the Amazon Machine Images (AMI) from the AWS Marketplace...
Key findings from Ponemon’s State of Vulnerability Management in the Cloud and On-Premises report
In early February, Tesla paid $10,000 for a vulnerability in Microsoft SQL Server Reporting Services (SSRS) that was identified in its systems by a German...