Shay Ulmer

This post describes how I took over an Azure Cloud Shell trusted domain and leveraged it to inject and execute commands in other users’ terminals.

Agentless scanning is an important security tool. We discuss how agentless scanning works, how it differs from agent-based scanning, and whether you need both.

Lightspin created a public repository with common use cases to simulate unusual/malicious activities within the Kubernetes cluster.

Cloud security is an ongoing requirement for all organizations born and built in the cloud. One way to probably demonstrate security controls is with a SOC 2 report.

Introducing our self-serve Free plan, and a jam-packed Premium offering. We’ve removed the guesswork from the traditional software buying process.

Curious about DevSecOps? We explain what DevSecOps is, how it works, and how integrating security throughout development helps create more secure systems.

The Complete Guide to AWS KMS. AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the cryptographic keys used to protect ...

The Principle of Least Privilege can improve the security of your system. Learn what Principle of Least Privilege is, how it works, and best practices.

Wondering about CI/CD security? We explain why CI/CD security is essential, how it works, the tools you need, and best practices to overcome the challenges.