Research Merge Order Hijacking in AWS Lambda As serverless computing increasingly becomes popular, third-party vendors are incentivized to provide runtime enhancements to serverless workloads. These enhancements often include telemetry collection, log enrichment, or runtime security enhancements. In this blog, we examine how AWS and third-party vendors deploy these enhancements within AWS Lambda, and how attackers can leverage
Perspectives Building support for securing a production environment In our last post, we discussed the challenges of securing a production environment. Because production environments are linked to your company’s top line growth, the first step in being secure is understanding your company’s tolerance for different types of risks to your production environment. In this post, we
Perspectives The challenge of securing a production environment Are you tasked with securing a production environment? I know how hard this is – I've been there. Production environments are extremely difficult to secure for both technical and business reasons. In this post, we’ll show how to identify your production environment and discuss the major challenges of
Product Introducing runtime detection and isolation for Lambda and EC2 Today, we’re excited to publicly announce a first of its kind, unified, identity-driven detection and isolation capability for your cloud-native and cloud-enabled apps and infrastructure. More specifically, our approach unifies data provided by AWS with purpose-built identity-driven context and introspection for Lambda and EC2. We launched ClearVector with the
Product ClearVector is now available on AWS Marketplace Today we are excited to announce that ClearVector is available on the AWS Marketplace! This enables AWS customers to easily prepare for, detect, investigate, and stop threats in AWS environments. Are you an AWS customer? Simplify the procurement and purchase of ClearVector by adding to your existing AWS spend. Visit
Research LambdaSpy - Implanting the Lambda execution environment (Part two) In part one [https://www.clearvector.com/blog/lambda-internals/] of this series, we discussed the AWS Lambda execution environment. In this post, we focus on the challenge of persisting in a serverless environment, gaining access to the data that Lambda functions process, and one possible method in the form of
Research Lambda internals (Part one) The past several years have seen a significant rise [https://www.cncf.io/wp-content/uploads/2020/12/CNCF_Survey_Report_2020.pdf] in the use of serverless cloud computing solutions, and with good reason. Serverless [https://aws.amazon.com/serverless/] applications can be cheaper, more scalable, more rapidly developed and
Security Auditing identity activity for NOBELIUM and MagicWeb in AWS Earlier this week Microsoft researchers [https://www.microsoft.com/security/blog/2022/08/24/magicweb-nobeliums-post-compromise-trick-to-authenticate-as-anyone/] discovered NOBELIUM abusing identities and credentialed access to maintain persistence and facilitate covert access. In AWS environments, the IAM Identity Center [https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html] (formerly AWS SSO), enables
Product Introducing realtime detection, isolation, and breach readiness Today, we're excited to publicly announce two features for our identity-driven platform. First, our realtime detection and isolation feature, and second, our breach readiness feature.
Perspectives Partnering to Reduce Realtime Risk Fighting cybersecurity adversaries can feel a bit like the carnival game Whac-A-Mole; every time one threat is stopped, another pops up to take its place. That's why ClearVector is on a mission to enable realtime intelligence and control over the identities operating in an environment, instead of playing
Engineering How to set up an AWS environment Setting up a well-designed, scalable, secure AWS environment is difficult. Making it more challenging, most people have inherited large AWS environments...
Perspectives A new era for cybersecurity Cybersecurity morphs daily – and the way we defend it must too. That's why, along with our team, I am excited to launch ClearVector [https://www.clearvector.com], an identity-driven security company built to help organizations protect themselves in a cloud-native and cloud-first future. By focusing on identities and
