Original research on AWS security, IAM exploitation, and autonomous cloud security testing from the OFFENSAI research team.
May 20, 2026 · 12 min read
Securityscopeshift demonstrates that Claude Code and other AI coding agents can be tricked into running unauthorized pentests through network-layer deception alone — no adversarial prompts required. The agent thinks it's probing localhost, but the traffic lands on a real third-party target.
Eduard Agavriloae
Director R&D
Apr 28, 2026 · 7 min read
SecurityAI isn't creating a new vulnerability crisis. It's exposing the one security teams were already living in: too much noise, too little exploitability proof, and too much uncertainty.
Karen Nguyen
Apr 7, 2026 · 8 min read
AWSAWS IAM eventual consistency gives attackers a 4-second window after credential revocation. notyet is an open-source tool to test IR containment playbooks.
Eduard Agavriloae
Feb 24, 2026 · 12 min read
AWSStandard AWS IR containment fails against attackers exploiting IAM eventual consistency. This article presents an SCP-enforced technique that makes identity-level containment attacker-resistant.
Eduard Agavriloae
Feb 3, 2026 · 18 min read
AutomationAdversarial Exposure Validation (AEV) proves what's exploitable right now, tests detection during execution, and re-runs the same path after fixes to verify closure.
OFFENSAI
Jan 15, 2026 · 10 min read
AutomationDiscover how Adversarial Exposure Validation (AEV) uses AI-driven testing to continuously prove which attack paths are exploitable. Compare AEV vs pentesting and learn why continuous validation replaces episodic scanning.
OFFENSAI
Dec 17, 2025 · 12 min read
SecurityCybersecurity predictions for 2026 covering cloud identity attacks, AI-driven red teaming, CI/CD supply chain risks, and why continuous validation replaces periodic testing.
OFFENSAI
Dec 7, 2025 · 10 min read
AWSAWS IAM eventual consistency creates a 4-second window where deleted AWS access keys can still work. Learn how attackers exploit this and how to mitigate it.
Eduard Agavriloae
Dec 3, 2025 · 6 min read
AWSAn initial security overview of AWS Lambda Managed Instances, exploring the Bottlerocket-based architecture, the 'Elevator' components, and security insights for this new compute model.
Eduard Agavriloae
Nov 29, 2025 · 7 min read
AWSMost S3 ransomware attacks don't start with public buckets. They start with ABAC, tag abuse, and living-off-the-land AWS services. See how the real kill chain works.
Dragos Stanescu
Sep 17, 2025 · 8 min read
EngineeringTraditional red teaming is outdated. Learn why continuous red teaming powered by AI and automation delivers real-time risk validation for modern cloud environments.
OFFENSAI
Sep 10, 2025 · 6 min read
AutomationAI red teaming is transforming offensive security. Learn how to align AI-driven tactics with OWASP and NIST, and simulate real-world attacks using intelligent automation.
OFFENSAI
Aug 26, 2025 · 13 min read
EngineeringCloud security posture management (CSPM) tools aren't enough in 2025. Discover why ACAE and CNAPP are the missing pieces for continuous validation and end-to-end cloud security.
OFFENSAI
Aug 20, 2025 · 10 min read
EngineeringLearn cloud compliance in 2025: frameworks (SOC 2, ISO 27001, HIPAA, GDPR), challenges, tools, automation, and best practices for continuous compliance.
OFFENSAI
Aug 4, 2025 · 6 min read
AWSYour security scanner flagged 847 findings in your AWS environment last week and...
Dragos Stanescu
Jun 24, 2025 · 15 min read
AutomationExploring the breakthrough potential and emerging risks of AI agents that can autonomously discover and exploit complex AWS attack chains.
Eduard Agavriloae
Apr 2, 2025 · 7 min read
AWSDid you know a misconfigured private API Gateway can be invoked from any AWS account?
Eduard Agavriloae
Mar 13, 2025 · 5 min read
AWSThe article highlights the dangers of using the AWS managed policy PowerUserAccess in complex environments by sharing the attacker's perspective on the matter.
Eduard Agavriloae
Feb 28, 2025 · 20 min read
AWSDiscover how to leverage AWS Lake Formation with Amazon EMR on EKS for efficient big data analytics. Simplify cluster management and optimize your data workflows.
Dragos Stanescu
Jan 15, 2025 · 11 min read
AWSThis research was conducted by OFFENSAI to show what an attacker can achieve after creating a malicious OIDC identity provider in AWS and how they can do it. The article presents novel techniques and tools for persistence and evasion.
Eduard Agavriloae
See how OFFENSAI's cloud security testing platform helps teams move from exposure detection to controlled validation, technical evidence, and risk-based prioritization.