SEARCH
Archive
Trailblazer Hunts Credential Abuse in AWS
A particularly vexing challenge in authentication is finding cases where credentials have been compromised or when login attempts are not legitimate. Netflix has open-sourced an internal tool called Trailblazer that uses AWS CloudTrail to help tackle this challenge in a scalable way.
New All-Female VC Fund Focuses on Cloud-Native Security
Security veteran Chenxi Wang's new venture capital fund Rain Capital plans to focus on cloud-native security services and products. Rain Capital will also seek out female and minority founders solving challenging security problems.
FireEye Releases PwnAuth, an OAuth Attack Testing Platform
FireEye has released PwnAuth, an open source tool designed to help security professionals test their organization's ability to detect and respond to attacks abusing OAuth.
Exposed AWS Resources Leaked Sensitive Data
Amazon S3 buckets aren't the only data repositories that can leak data because of the organization's configuration errors. Other cloud services on the AWS platform are often found accessible by anyone on the Internet.
Google Asylo Lets Devs Build Confidential Computing Apps
Protect the data at rest and in transit. How about while in use? Google’s open source framework Asylo helps developers use secure enclaves with their applications without having to know the specifics of how TEEs work or learning how to use specialized tools.