Blog

GitHub Account Takeover of AWS and GCP Accounts

May 16, 2023

From GitHub to Account Takeover: Misconfigured Actions Place GCP & AWS Accounts at Risk

In April 2023, Rezonate research team explored prevalent misconfigurations of GitHub integration with cloud native vendors. GitHub OIDC-based trust relations have been found with the critical misconfigurations that leave connected AWS/GCP accounts vulnerable to potential takeover attacks. Although this issue was discovered and reported in the past, we have found that dozens of GitHub Public…

Rezonate

February 27, 2023

How Rezonate Maintains Audit-Ready State Using Rezonate

We all understand the importance of maintaining strong security protocols and controls. That’s why Rezonate decided to invest in the SOC 2 Type 2 compliance early on, and after only one month ...

Ori Amiga

February 27, 2023

CircleCI Breach: Detect and Mitigate to Assure Readiness

On January 4, 2023, CircleCI, a continuous integration (CI/CD) and delivery service, reported a data breach. The company urged its customers to take immediate action while a complete ...

Rezonate

February 27, 2023

TX Group: Eliminating cloud identity risk with Rezonate

Success for Switzerland’s largest international private media company means always staying ahead of the digital curve – and security is no exception. Rezonate makes this possible. “With Rezonate ...

Rezonate

February 27, 2023

PayMe: Protecting cross cloud identity and access with Rezonate

Empowering micro businesses to achieve more with a full suite of fintech products means building new tools and functionality fast – without cloud identity and access security slowing teams down. ...