Moshe Zioni, VP of security research at Apiiro has been researching security for over 20 years in multiple industries, specializing in penetration testing, detection algorithms and incident response. Zioni is a constant contributor to the hacking community and has been a co-founder of the Shabbatcon security conference for the past 6 years. Apiiro is an early stage cybersecurity company founded in 2019, whose purpose is to help security and development teams proactively fix risk across the software supply chain before releasing it to the cloud. In our opinion, they are well on the way to a market leadership position in the cybersecurity space.
Apiiro’s list of accomplishments continues to increase as they’ve detected a day zero supply chain security vulnerability, been named to Gartner 20 week 21, Cool Vendor and Dev SEC Ops, as well as being a frequent contributor to the NIST 800 to 18 Secure Software Development Framework.
Zioni’s team at Apiiro published their “Secrets in the Code” report, knowing that traditional OpSec is failing in modern enterprises. This report describes the business industry impact of their research, along with some actionable insights for practitioners. Zioni responds with a brief overview:
You can think of the most common examples as tokens to a specific API service that can give you credentials to implement or access to cloud services and cloud resources of the organization. This is the backdrop of why we went through the research method and eventually resulted in the report. And in