Jason Chavarría
Among exposed were secrets, code and AI training data
We describe the leak and mention its causes and threats, talk about the possible security risks when using Azure SAS tokens and give advice to prevent leaks.
Jason Chavarría
Toyota's ancient and recently disclosed data leaks
We describe the data leaks recently disclosed by Toyota Motor Corporation lasting five, eight and ten years.
Jason Chavarría
The basics of cloud security posture management
Cloud security posture management involves vulnerability assessment, prioritization and remediation to secure cloud-based systems and infrastructures.
Jason Chavarría
Our CLI is an approved AST tool to secure cloud apps
Fluid Attacks' automated tool is recommended by the App Defense Alliance for static scanning under the Cloud Application Security Assessment (CASA) framework.
Jason Chavarría
Continuous manual security tests for going beyond MCSB
The Microsoft cloud security benchmark recommends regular red teaming and pentesting. We talk about how we help you go beyond that and achieve Azure DevSecOps.
Jason Chavarría
Trends in cyberattacks and prevention this year
In this post, Fluid Attacks shares a digest of trends in cyberattacks and prevention in 2022.
Jason Chavarría
Continuous manual security tests for AWS CAF compliance
AWS has sketched the way to achieve DevSecOps and provided its Cloud Adoption Framework. In it, it advises pen testing and red teaming, two things we excel at.
Jason Chavarría
Benefits of shifting cloud security left
This post defines cloud DevSecOps, presents the key issues it helps tackle and gives you a condensed list of its benefits.
Jason Chavarría
What was Azure's four-year-old vulnerability?
A recently discovered four-year-old vulnerability in Microsoft's Azure App Service has been keeping the source codes of customer applications public.
