Skip to Main Content
blog
nav-menu
blog-aws-logging-enhancement-card
Research
Nathan Avatar
Ian

Nathan Eades & Ian Ahl

25 Oct 2022

AWS Enhancements to UpdateLoginProfile and CreateLoginProfile logging

Logging by cloud providers and identity providers sometimes does not contain the level of detail needed for detections. We found a case in AWS when a login profile is created or updated without the reset password flag set to true.

READ MORE

blog-password-spray-enters-okta-gon
Security
Ian

Ian Ahl

16 Sep 2022

Password spray enters the Okta-gon

Identity Providers (IDPs), like Okta have always been a juicy target for threat actors of all skill levels. Permiso identified a large Okta password spraying campaign that took place in late August.

READ MORE

blog-idp-ipersonate-me-title-image
Research
Ian
Nathan Avatar

Ian Ahl & Nathan Eades

29 Aug 2022

You down with IDP? Impersonate me!

Permiso Security and ACV Auctions, while collaborating on cloud detection efforts, discovered an impersonation technique in Okta application user assignments. This technique is being utilized for both benign and nefarious purposes.

READ MORE

inspector cloudy soc2
Company
jason

Jason Martin

15 Aug 2022

Achieving SOC 2 Type 1 Certification - Helping companies feel more secure about Permiso while we help them secure their public cloud

We're excited to announce that Permiso is now SOC 2 Type I certified. This certification signifies that an independent third-party auditor has validated the design of our security program controls against an established set of Trust Service Principles.

READ MORE

alerts-v1-radar
Product
Ian
jason

Ian Ahl & Jason Martin

20 Jul 2022

Permiso Alerts Module v1 Launched

We are very excited to announce a major release to our Permiso Alerts Module. This release includes dozens of cloud detection rules born from the front lines experience of our P0 Labs team and its support of incident response and observed attacks over the last year.

READ MORE

paginate first page
previous page
12
next page
paginate last page

Search

Choose Category

Company
Security
Product
Research
News