Lightspin Blog | Dana Tsymberg

Dana Tsymberg

Dana Tsymberg is a Cloud Security Researcher in Lightspin’s Security Research team. Dana served in C4I and Cyber Defense unit and later worked in MIS and R&D teams in several companies. Dana has a passion for working with data, researching and developing new attack paths and comes with previous experience as a Cyber Security Analyst working in Check Point, where she researched mobile applications.

Cloud Security
What Is Graph Technology? What Can It Do?
Graph technology can help examine your data from a new perspective; find out how graph technology may find previously unseen relationships in your data.

— Read more ▸
Cloud Security

Research
Azure Cloud Shell Command Injection Stealing User’s Access Tokens
This post describes how I took over an Azure Cloud Shell trusted domain and leveraged it to inject and execute commands in other users’ terminals.

— Read more ▸
Cloud Security
What is Agentless Scanning & Do I Need It?
Agentless scanning is an important security tool. We discuss how agentless scanning works, how it differs from agent-based scanning, and whether you need both.

— Read more ▸
Cloud Security

DevSecOps

Research
The guide to analyzing Kubernetes runtime detection alerts using Amazon Athena
Lightspin created a public repository with common use cases to simulate unusual/malicious activities within the Kubernetes cluster.

— Read more ▸
Cloud Security
What is SOC2 Compliance?
Cloud security is an ongoing requirement for all organizations born and built in the cloud. One way to probably demonstrate security controls is with a SOC 2 report.

— Read more ▸
Democratizing cloud security: introducing our FREE plan
Introducing our self-serve Free plan, and a jam-packed Premium offering. We’ve removed the guesswork from the traditional software buying process.

— Read more ▸
DevSecOps
What is DevSecOps? How Does It Work & What Are the Benefits?
Curious about DevSecOps? We explain what DevSecOps is, how it works, and how integrating security throughout development helps create more secure systems.

— Read more ▸
Research
The Complete Guide to AWS KMS
The Complete Guide to AWS KMS. AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the cryptographic keys used to protect ...

— Read more ▸
DevSecOps
What Is the Principle of Least Privilege & Why Does It Matter?
The Principle of Least Privilege can improve the security of your system. Learn what Principle of Least Privilege is, how it works, and best practices.

— Read more ▸
DevSecOps
What Is CI/CD Security & Why Does It Matter?
Wondering about CI/CD security? We explain why CI/CD security is essential, how it works, the tools you need, and best practices to overcome the challenges.

— Read more ▸