Publications

Blogposts

• Eight questions to measure vulnerability remediation "pain"
• Storm-0558 Update: Takeaways from Microsoft's recent report
• How to leverage generative AI in cloud apps without putting user data at risk (with Barak Sharoni)
• Redirection Roulette: Thousands of hijacked websites in East Asia redirecting visitors to other sites (with Barak Sharoni)
• Hardening your cloud environment against LAPSUS$-like threat actors
• Addressing the Spring4Shell and CVE-2022-22963 RCE vulnerabilities in cloud environments
• Securing AWS Lambda function URLs

Papers & Reports

• PEACH: a tenant isolation framework for cloud applications (Whitepaper, Website, Blogpost)
• The State of the Cloud 2023 (with Scott Piper) (Report)
• State of AI in the Cloud 2024 (Report)

Talks

• "We built a community cloud vulnerability database, now what?" (with Alon Schindel) (Recording, Slides)
• "The Good, the Bad, and the Vulnerable: A comprehensive overview of vulnerabilities in cloud environments" (with Merav Bar) (Recording)

Podcast Episodes

• Key findings about Storm-0558 (SANS Threat Analysis Rundown with Katie Nickels)
• Isolation is just PEACHy (The OWASP Podcast Series)
• Threat Trends: Addressing Risk in the Cloud with Wiz (Mandiant's Defender’s Advantage Podcast)
• Interview by Dave Bittner (CyberWire Daily)

Diagrams

• AWS IAM
• Storm-0558 email exfiltration
• Storm-0558 signing key capture
• 3CX breach
• JumpCloud breach
• Oktapus / ScatterSwine activity overview
• CircleCI breach
• LastPass breach
• Fast Company breach
• Heroku / Travis CI / GitHub / npm breach
• Vulnerability assessment using CPE
• Spring4Shell (CVE-2022-22965)
• OpenSSL vulnerabilities (CVE-2022-3786, CVE-2022-3602)
• OpenSSH vulnerability (CVE-2023-38408)

Other

• Guided Vulnerability Meditation (CISOasis)