Tamnoon Blog
Everything you need to get started with managed cloud remediation, and then some.
Blog
Misconfigurations in the Wild: How We Untangled 103 Hard-Coded Secrets
November 26, 2025
7 min
Ever wonder what happens when a single secret ends up copy-pasted across dozens of cloud services? Or how fast that quiet mistake can turn into a wide-open blast radius? Cloud Security Misconfigurations in the Wild is where we walk through real situations like this. Our team runs into all kinds of cloud anomalies, and sharing…
Blog
Why Speed Matters in Cloud Security (And What You Can Do About It)
November 20, 2025
6 min
The real risk in cloud security comes from the time between when an alert appears and when a fix is made. Every cloud team knows that gap exists… Alerts stack up by the thousands, each one waiting to be investigated, validated, and routed to the right person. Engineers chase noise while critical issues sit unresolved. …
Blog
Breaking the Barriers: Exploiting Entra ID Consent and Groups (Challenge #3)
November 5, 2025
1 min
We’re back at it again with another Wiz Cloud Security Championship challenge. In our last write-up, “Contain Me If You Can,” we explored container escapes and database privilege abuse. This time, the walls look different. Instead of breaking out of a container, we’re breaking into identity.
Blog
Contain Me If You Can: Breaking Out of the Container (Wiz CTF Challenge #2)
October 27, 2025
1 min
Wiz’s Cloud Security Championship Challenge #2 – You’re trapped inside a container and need to reach the host file system to find the flag.
Blog
Solving ‘The Perimeter Leak’: Using IMDS Access to Capture the Flag (Wiz CTF Challenge #1)
October 8, 2025
1 min
Tamnoon’s security engineer breaks down AWS IMDS risks revealed in the Wiz Cloud Security Challenge.
Blog
Think MDR has you covered? Not in the cloud
October 6, 2025
1 min
MDR protects endpoints, not cloud workloads. Strengthen your cloud security with detection and response built for AWS, Azure, and GCP.
Blog
How to Fix MFA Alerts When Using AWS Centralized Root Access
September 30, 2025
4 min
Managing AWS root users has always been challenging. Every member account in an AWS organization comes with its own root credentials, and as accounts multiply, so does the complexity of enforcing strong controls like MFA. Many teams have struggled to keep up, which often leads to skipped protections and increased risk. In November 2024, AWS…
Blog
From Data Risk to Actionable Cloud Security with Cyera and Tamnoon
September 1, 2025
5 min
Cloud security teams are managing more alerts than ever. Misconfigurations, vulnerabilities, and exposed assets flood dashboards daily. At the same time, sensitive data is being created, stored, and shared across cloud environments, often with little visibility. Here’s the catch: not all risks are equal. A misconfigured server that has no connection to sensitive data might…
Blog
Meet Patrick Guay: Tamnoon’s New CRO
August 28, 2025
4 min
After more than two decades helping some of the most innovative Israeli startups bring their ideas to the global stage, I’m excited to start my next chapter as Chief Revenue Officer at Tamnoon. I’ve seen firsthand how the right blend of technology and vision can change entire markets, whether at Voltaire (now part of NVIDIA),…
Blog
Are You a Good Fit for Managed Cloud Security?
August 6, 2025
11 min
We get this question a lot: “Are we the right kind of company for a managed cloud security service?” And honestly, sometimes the answer is no. That’s not a red flag. It just means your team, tooling, or priorities are in a different place. Some companies have mature cloud security operations and just need better…
Blog
SOC Metrics: Types, Best Practices, and How to Use Them Effectively
June 11, 2025
13 min
Security teams are drowning in metrics, and most of them don’t matter. The reality is simple: security teams don’t operate in a vacuum. Like most teams, they’re measured by how fast they detect threats, how effectively they respond, and how well they align with the business. But without clear, meaningful metrics, even the most technically…
Blog
10 Cloud Workload Protection Platforms You Need to Know in 2025
June 9, 2025
16 min
Cloud infrastructure doesn’t break the same way on-prem did. But it still breaks. Whether that’s containers running outdated libraries or serverless functions wired with overly permissive roles, modern cloud workloads introduce attack surfaces that shift by the minute. Runtime threats, lateral movement, and memory injection aren’t theoretical risks either. They’re showing up in real-world breaches.…
Blog
What is a CNAPP? Simplifying Cloud Security Solutions
May 28, 2025
13 min
Cloud-native environments demand security approaches that evolve just as quickly as the infrastructure they protect. As businesses adopt containers, serverless functions, and complex multicloud setups, traditional security tools fall behind. That’s where a unified platform makes all the difference. Rather than stitching together a patchwork of tools, organizations increasingly look for cohesive solutions that reduce…
Blog
How to Choose the Right Remediation Management Software
May 14, 2025
11 min
How to Choose the Right Remediation Management Software for Your Organization. Most organizations don’t have a detection problem—they have a remediation problem. Cloud security teams are flooded with alerts, yet few ever get resolved. And trust us, after analyzing over 4.7 million alerts in our State of Cloud Remediation report, we know what the numbers…
Blog
A Comprehensive Guide to AWS Service Control Policies (SCP)
April 30, 2025
37 min
To get allow/deny validation scenarios (complete with AWS CLI and boto3 code samples!) for each of the SCPs in this guide, visit our interactive SCP explorer. Mastering AWS SCPs: Your Go-To Guide for Cloud Security. AWS Service Control Policies (SCPs) sit at the heart of any serious cloud governance strategy. They define what actions are…
Blog
Green is the New Red
April 4, 2025
9 min
Background: Our team recently released Tamnoon Reporting—a set of reporting capabilities that allows our customers to continuously visualize and measure their cloud security remediation efforts. This reporting system provides cloud security leaders with x-ray vision into the managed Cloud Threat Exposure Management (CTEM) process that Tamnoon drives for its customers. This blog builds on this…
Blog
Multi-Cloud Security Best Practices: How Companies Can Stay Protected
March 26, 2025
12 min
If your company relies on cloud-based infrastructure, it may be time to rethink your approach to multi-cloud security. The current trends paint a clear picture: Gartner predicts that over 85% of businesses will adopt a cloud-first approach by the end of this year. Of those, more than 50% will rely on a multi-cloud strategy. Flexera’s…
Blog
4 AWS Serverless Security Traps in 2025 (And How to Fix Them)
March 17, 2025
6 min
Serverless architecture accelerates development and reduces infrastructure management, but it also introduces security blind spots that traditional tools often fail to detect. AWS Lambda, API Gateway, and DynamoDB have revolutionized application development, eliminating infrastructure concerns and creating new security challenges. Additionally, AWS serverless security pitfalls that compliance checklists often overlook. Cloud providers are increasingly seeing…
Blog
Remediation Risk: How Companies Can Mitigate Security Gaps Effectively
March 17, 2025
9 min
Risk remediation should be at the core of a strong cybersecurity strategy. Done right, it reduces your attack surface, maintains compliance, and protects against data breaches. This specialized risk management methodology calls for continuously identifying, prioritizing, and resolving vulnerabilities throughout cloud and hybrid environments — it’s the cornerstone of a resilient cybersecurity posture. Still, remediation…
Blog
What Are AWS Resource Control Policies (RCPs)?
March 12, 2025
17 min
What Are AWS Resource Control Policies (RCPs)? The Complete Guide. Resource Control Policies (RCPs) are organization-wide guardrails designed to enforce security and governance across AWS resources. These deny-only policies establish permission boundaries for specific resource types within AWS organizations. Amazon introduced RCPs as an added layer of security to better protect AWS resources, especially those…
Blog
How Tamnoon’s New Dashboard Enables Full Visibility Into Your Cloud Security
February 21, 2025
4 min
At Tamnoon, we know every company has a different approach to managing their cloud security. Some teams want to be hands-on. Others prefer to let our CloudPros handle the heavy lifting. Tamnoon’s latest dashboard gives you full visibility into your cloud security. You can engage on your terms, whether that means diving into the details…
Blog
Cloud Remediation Plan Execution: Step-by-Step Guide
February 20, 2025
10 min
Complex, interconnected cloud environments, rapidly evolving threats, and more unknowns than we’d like to admit—it’s safe to say cloud security teams are fighting an uphill battle. The data is pretty telling, too. One survey revealed that 77% of organizations had less-than-optimal cloud environment transparency, with only 23% reporting full visibility. What’s clear: protecting complex cloud…
Blog
Seamlessly Migrate from Check Point CloudGuard to Wiz in Under 2 Weeks with Tamnoon
February 11, 2025
8 min
Check Point Software’s new strategic partnership with Wiz is shaking up cybersecurity. Companies are now exploring how they will migrate from Check Point CloudGuard to Wiz’s CNAPP—something that may sound and seem exhausting. Between the integrated systems, configurations, and training your teams will need—there’s a lot to think about. Change is coming no matter what,…
Blog
How to Design Efficient Vulnerability Remediation Workflows
January 22, 2025
8 min
It’s no secret today’s cloud environments are dynamic, scalable, and highly adaptable — but this dynamism also introduces unique security challenges when identifying and addressing vulnerabilities. Building an effective cloud security program requires mature vulnerability remediation workflows. These workflows become the backbone of a proactive security posture, ensuring risks are mitigated quickly and efficiently. Knowing…
Blog
Cloud Vulnerability Prioritization: Strategies & Best Practices
January 17, 2025
8 min
Modern cloud environments can’t be that hard to protect, right? Wrong. Security teams need to continuously identify and remediate vulnerabilities, which, for most businesses, means identification alone creates an endless volume of tasks. Automatically detecting vulnerabilities is a good thing for any organization — solving them at scale is hard. Alert fatigue can harm job…
Blog
How Remediation Operations Scales with Managed Cloud Security
January 6, 2025
7 min
The average enterprise uses more than 1,295 cloud services. Every year, this number increases as cloud footprints grow, introducing new levels of complexity to the cybersecurity equation. This seemingly ever-expanding cloud footprint often creates more critical and consistent security risks, along with the urgency of remediating those security risks. Tools that enable remediation operations —…
Blog
Redefining Cloud Security Management: Make Your CNAPP Work For, Not Against, You
December 25, 2024
8 min
Would you be okay with a car alarm continuously blaring for no observable reason? Sure, it’s protecting the car from getting stolen, but no one is trying to steal it. Nothing’s wrong. The noise would simply be frustrating for the neighbors with no added benefit to the car owner. This same outcome happens almost daily…
Blog
How to Build an Effective Proactive Remediation Strategy for Cloud Security
December 23, 2024
8 min
What good is a solution that creates more problems than it solves? Modern organizations depend on complex cloud-based infrastructure. While valuable, it also creates new security challenges that must be addressed. Security teams know all too well about the never-ending cycle of alerts and reactive remediations. One study revealed that 75% of businesses have security…
Blog
How to Prevent Costly Cloud Security Remediation Errors
December 16, 2024
8 min
Errors in cloud security remediation can have devastating consequences, given the complexities of these ecosystems. It shouldn’t be surprising that 31% of cloud data breaches result from misconfigurations or human errors — making it the leading cause ahead of exploits and authentication issues. Cloud security remediation is all about finding, prioritizing, and fixing vulnerabilities throughout…
Blog
Automated Remediation: Key Benefits, Best Practices & Industry Use Cases
November 1, 2024
9 min
It doesn’t matter what industry you’re in: IT environments are more complex than ever before. And with increased complexity comes greater potential for vulnerabilities that cybercriminals can exploit to access sensitive data and systems. That’s why automated security remediation has become increasingly critical for organizations that need to protect their IT ecosystem…
Blog
6 Top Benefits of Managed Cloud Security
October 16, 2024
4 min
As businesses continue migrating to the cloud and expanding their cloud footprint, scaling remediation of misconfigurations and reducing cloud threat exposure becomes a continuous battle for SecOps teams. Managed cloud security services offer the much-needed solution for cloud security teams; what MDR is to SOC teams, managed cloud security services are to security engineers. In…
Blog
How to Scale Cloud SecOps – A Realistic Outlook
October 2, 2024
7 min
If your security team is burnt out and you’ve got an endless backlog of alerts that no one quite knows what to do with, it might be time to think about scaling SecOps. Read on to find out why these problems form, and how you can address them by adopting automation in some situations, and…
Blog
How we Combine AI, ML, LLMs & Human Expertise to Prioritize CNAPP Alerts
August 7, 2024
8 min
Cloud-Native Application Protection Platforms (CNAPPs) have become an essential part of the modern cloud security toolkit due to their ability to detect misconfigurations, compliance issues, and threats across cloud environments. However, this comprehensive coverage – spanning code, infrastructure, runtime, and more – results in a high volume of alerts. Security teams need to decide which…
Blog
Healthy Posture and you are in the Clouds: CSPM 101
August 5, 2024
2 min
Overcoming the Challenge of Cloud Compliance & Security: Cloud security consists of the processes, technologies and best practices that are applied to protect cloud computing environments, applications running in the cloud, their accompanying infrastructure, and the data held in the cloud. One of the basic and most important components of any cloud security program is…
Blog
Wiz and Tamnoon: Streamlining Cloud Security with Enhanced Visibility and Expert Remediation
July 18, 2024
1 min
Securing the cloud effectively requires organizations to build new processes and learn new skill sets. The cloud introduces new risks, and effective cloud security requires adapting existing processes to address them–focusing on early detection, providing rich context, and enabling easy collaboration. Wiz and Tamnoon have teamed up to deliver an AI-driven, human-verified approach to…
Blog
The Why and the How of Managed CNAPP
June 20, 2024
9 min
CNAPP is a fundamental piece of the cloud security puzzle – but poor implementations, lack of in-house expertise, and insufficient prioritization can lead to disappointing outcomes. At a time when security teams are stretched to their absolute limit, managed CNAPP is a more productive way forward for organizations looking to see quick results from their…
Blog
Introducing Tamnoon Prevent
June 10, 2024
4 min
You’re likely familiar with the problem of cloud misconfigurations. In short, more workloads are moving to the cloud, and environments have become a labyrinth of services and APIs that few can navigate. The result is that risky misconfigurations are everywhere: research published by Zscaler in 2022 found that 98.6% of organizations run misconfigured cloud resources…
Blog eBooks
Ultimate Guide to Cloud-Based Remediation
May 6, 2024
1 min
Cloud security is evolving fast, and it’s time for cloud remediation to evolve with it. The explosion of cloud adoption has led to a staggering rise in complexity for security teams. Clearly, current human-driven processes don’t scale. We leave our expanding cloud attack surface unprotected, and it is worsened by increasing volumes of vulnerabilities and…
Blog
Automated cloud remediation – empty hype, viable strategy, or something in between?
April 30, 2024
9 min
What role does automation play in cloud remediation? Will it replace or simply augment the role of security and R&D teams? Over 60% of the world’s corporate data now resides in the cloud, and securing this environment has become a daunting task. The vast attack surface and countless potential misconfigurations pose significant challenges for security…
Blog
Building Resilience Against Recurrence with Cloud Remediation
April 18, 2024
6 min
In the fast-evolving cloud security landscape, successful remediation isn’t just about fixing issues when they arise – it’s equally about preventing the recurrence of these issues. Prevention is the final, critical stage of the cloud security remediation process. After a specific threat or vulnerability has been addressed, prevention focuses on reducing the likelihood of that…
Blog
Neutralizing the Threat with Cloud Remediation
April 2, 2024
7 min
Smooth remediation requires meticulous coordination across tools, teams, and schedules. The complexity and scale of the remediation process may suggest that only a manual or an automated process can deal with it. Ideally, an organization can leverage the best of each process where appropriate. With so many different dimensions to coordinate, intricate planning and cross-functional…
Blog
Mapping the Impact of Cloud Remediation
March 20, 2024
6 min
What is impact analysis? Performing an impact analysis is a critical step in the cloud remediation process that employs methodical techniques to answer the questions: “What might go wrong if we implement this fix?” – and the equally-important “What might go wrong if we don’t?” A comprehensive impact analysis not only highlights the possible ramifications…
Blog
Wiz x Tamnoon – Collaborative Cloud Security: A Practical Guide to Remediation Workflow
February 27, 2024
8 min
Remediating issues in the cloud presents a multifaceted challenge due to the dynamic and intricate nature of these environments. The scalability of cloud infrastructure, comprising various interconnected services and resources, amplifies the difficulty in identifying and addressing issues at scale without interrupting the working production environment. Monitoring and addressing cloud misconfigurations and vulnerabilities is essential…
Blog
The First Step: Sharpening your Focus on Triage and Prioritization
February 27, 2024
9 min
In order to focus a team on what is most critical and urgent, the cloud remediation process frequently begins with a triage and prioritization step. Triage and prioritization provide a systematic way to optimize how your team handles this flood of notifications. What does triage and prioritization involve? Triage and prioritization aim…
Blog
The 2024 Tamnoon State of the Union Address
February 16, 2024
3 min
Getting Started: Tamnoon emerged from stealth nine months ago during the RSA Conference in San Francisco. Since then, we’ve raised our Seed Round, hired the best cloud security team we could ever wish for, and are closing our first nine months with strong sales traction, great logos, strong partnerships with the major CNAPP players, and…
Blog
Where Current Remediation Approaches Fall Short
January 30, 2024
6 min
The last few years have seen the emergence of a plethora of cloud security tools designed to provide increased visibility and automated guardrails for cloud environments. Solutions like cloud-native application protection platforms (CNAPP), cloud security posture management (CSPM), and cloud infrastructure entitlement management (CIEM) can detect misconfigurations, prevent identity breaches, and even auto-remediate certain issues.…
Blog
4 Steps to Overcoming Cloud Remediation Challenges: A SecOps Perspective
January 18, 2024
4 min
Gartner has predicted that, through 2025, preventable misconfigurations and end-user mistakes will cause more than 99% of cloud breaches. “Detecting misconfigurations” is typically a well-defined process, fully equipped with technologies in the CNAPP and CSPM space or cloud-native security services. But looks can be deceiving, and the entire “remediation process” is often more complex and…
Blog
Severity Matters: Open User Access to S3 Buckets
January 11, 2024
4 min
Overlooking medium and low-severity cloud security misconfigurations can have consequences. In our “Severity Matters” series, we cover how downplayed misconfigurations can lead to compliance violations, data breaches, and legal ramifications. We’ve seen how easily medium and low severity misconfigurations can become lost in the noise of CNAPP and CSPM alerts, and how attackers can…
Blog
Severity Matters: Allowing (*) Principals in SNS Policies
December 28, 2023
3 min
Overlooking medium and low-severity cloud security misconfigurations can have consequences. In our “Severity Matters” series, we cover how downplayed misconfigurations can lead to compliance violations, data breaches, and legal ramifications. The takeaway: it’s easy for medium and low severity misconfigurations to get lost in the noise of CNAPP and CSPM alerts, but they can…
Blog
Severity Matters: IMDSv1 > IMDSv2 (Instance Metadata Service)
December 21, 2023
4 min
Overlooking medium and low-severity cloud security misconfigurations can have consequences. In Part 1 of our “Severity Matters” series, we covered how misconfigured access policies could be exploited to exfiltrate sensitive metadata from an unencrypted AWS Glue Data Catalog. The key takeaway is that it’s easy for medium and low severity misconfigurations to get lost…
Blog
AWS re:Invent 2023: Our early 2024 New Year’s resolutions for your cloud security program
December 18, 2023
6 min
Once again, security was front and center at re:Invent this year, as AWS made some major updates to their services. Most of these updates seemed to revolve around three major areas: expansion of their security tools (Inspector, Detective, and Guard Duty), implementation of Digital Sovereignty Tools, and expansion of IAM tools. We can expect all…
Blog
Severity Matters: Prioritizing Encryption of AWS Glue Data Catalog
December 12, 2023
4 min
Overlooking medium and low-severity cloud security misconfigurations can have consequences. In cloud computing, protecting your data, applications, and infrastructure from threats is a continuous effort, and one of the most common pitfalls is misconfiguration. While many organizations focus on addressing high-severity security misconfigurations, they often underestimate the risks associated with medium and low-severity issues.…
Blog News
From Prioritization to Prevention: Tamnoon’s Integration with AWS Security Hub
November 28, 2023
3 min
Revolutionizing Cloud Security: Gartner predicts that 99% of cloud breaches by 2025 will come from avoidable end-user mistakes. Handling cloud remediation, including analysis, prioritization, execution, and future-proofing, is a big challenge for security teams. Under the Shared Responsibility Model, AWS customers are responsible for remediating their own issues. However, the existing tools send out a…
Blog
Why I Joined Tamnoon
September 12, 2023
4 min
I met the founding team of Tamnoon during the acquisition of Dome9 by Check Point Software Technologies, and a couple of years later, became one of its first angel investors. So, when Marina Segal, the CEO and co-founder of Tamnoon, approached me about joining the company, my usual complex decision process was made easy by…
Blog News
Tamnoon is a Launch Partner for Wiz Integrations (WIN)
June 13, 2023
2 min
Tamnoon, SAN FRANCISCO, June 13, 2023 – Tamnoon today announces its partnership with leading cloud security provider Wiz as the company unveils Wiz Integrations (WIN). Tamnoon, hand selected as a launch partner, brings the power of Tamnoon’s Proactive Remediation to WIN, so that customers can seamlessly integrate Wiz into their existing workflows. WIN enables Wiz…
Blog
Customer Managed Key (CMK) or Amazon Managed Key (AMK)
May 17, 2023
3 min
Data security is a critical concern for businesses today, and with the increasing reliance on cloud services, managing encryption keys has become an essential part of maintaining a secure environment. In this post, we will explore the difference between Customer Managed Key (CMK) and Amazon Managed Key (AMK) and how they are used in Amazon…
Blog
Discovering your Cloud Security Posture Management (CSPM) Maturity Level
April 15, 2023
11 min
Introduction: Cloud Security Posture Management (#cspm) is one of the fastest growing areas within the field of cloud security; most security vendors are working on or offering CSPM capabilities. However, enterprises are still trying to build the most effective CSPM program to fit their environment. In many cases, it’s unclear where to start and what…
Blog
The Missing Elements in Cloud Security
April 10, 2023
6 min
The cloud-native application protection (CNAPP) space has seen tremendous innovation. Tools today can detect almost any problem in the cloud, even preventing and addressing some problems automatically. But companies still struggle to find ways to make triage and remediation manageable for security teams. The list of cloud security technologies has expanded greatly in the last…