Huge thanks to @shellyraban for showing us how to turn attacker behavior into detections that matter! 👏
From leaked credentials to forensic logging, Shelly proved that understanding the adversary is the best way to strengthen real defenses.
Thanks for joining us! ☁️ @OneRSAC
Autonomous #AI agents raise major security questions. At @fwdcloudsec North America, Tenable researchers @cnotin and @popov1ron will explore how AI agent identities function as a specialized, high-velocity breed of Non-Human Identity (NHI).
🔗: https://t.co/BMpVFxk5vj
7K weekly downloads. 730 versions of a legitimate package, then Sliver C2 drops in the postinstall. Amazing work by Ron from my team catching this! Pin to 1.1.558, check for /tmp/.sshd on build servers - the masqueraded implant. Rotate creds if you installed it.
Tenable Research has detected yet another npm supply chain attack 🚨
This attack is part of an ongoing wave hitting the ecosystem right now
Affected: "cqa-lib/cqa-ui", versions 1.1.559, 1.1.560
Last known clean version: 1.1.558
#SupplyChainAttack #npm #malware #SliverC2
Most organizations are flying blind when it comes to the Non-Human Identities behind their agentic AI🕵️
We'll present at @fwdcloudsec NA 2026 "Who Are the Robots? Uncovering AI Agents Identities." Covering Microsoft’s “Entra Agent ID” and Google’s “GCP Vertex AI Agent identities”
Starting in 15 mins: @shellyraban is live at #CloudVillage breaking down how to track attacker behavior in managed cloud services without the risk! 🛡️
Catch the reality of cloud deception live in Room 204! 🔍
📍 Moscone South, Level 2 | @OneRSAC #RSAC
How do you leak a cloud key without losing your budget? 🔑
Join @shellyraban at Cloud Village inside the Moscone Center to learn the "Hard Way" of running cloud honeypots—from authentic IAM roles to Bedrock & SageMaker forensics.
See you at @OneRSAC! 🛡️ #CloudSecurity #RSAC
Our Google Cloud VRP researchers don't miss! 🔥 Check out @terminatorLM's latest Looker research uncovering 9 novel cross-tenant vulns in Looker.
See how it was done: 👇
#AI is revolutionizing the cloud—but at what cost to security? Our team has been working on the NEW Cloud AI Risk Report that uncovers the top risks security teams should be aware of as AI-driven cloud adoption advances. Get the report here →... https://t.co/cAQ6w3dtXv
It is with profound sadness that we announce the passing of our Chairman and Chief Executive Officer, Amit Yoran (@ayoran), after a battle with cancer. Today’s press release can be read here. ⬇️ https://t.co/77pGRZeMVH
Who watches the Watchmen? Let's steal credentials with Shelly Raban from policy-as-code engines at #WICCON2024.
https://t.co/9A4LibC6ZL
#CyberSecurity #WomenInTech
Researchers have uncovered new attack techniques targeting infrastructure-as-code (IaC) & policy-as-code (PaC) tools like HashiCorp's Terraform & Open Policy Agent (OPA), posing a severe risk to cloud platforms.
Learn how this works: https://t.co/WImoPFGjWU
#cybersecurity