“Only after two-and-a-half months later did we get a response," Shua said. This case was very different than Orca's past experiences with Azure, said Shua, who said they first reported the issue to Microsoft on Jan. He also noted that Tenable had a similar experience with vulnerabilities it discovered in Azure Synapse Analytics and published an account in a blog yesterday. On at least two occasions with AWS, as well as with Microsoft Azure, the issues were fixed within a few days. Shua said Orca discloses these type of security issues all the time. Shua said while Microsoft fixed the vulnerability, it also needed to set up a sandbox as an extra layer of protection. He claimed that the internal control server was only revoked after 96 days and after an aggressive stance by Orca. Researchers at Orca Security posted a blog on Tuesday that pointed out a case where tenant separation vulnerabilities in Azure Synapse Analytics were discovered, Orca claimed it took Microsoft over 100 days to make a final fix.Īvi Shua, co-founder and CEO at Orca, added that it took three patches to correct the issue and the first two were bypassed by Orca researchers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |