Identity threat detection and response startup Permiso Security Inc. today released a new open-source tool that helps offensive and defensive security professionals understand how policies could be obfuscated by threat actors to go undetected in an environment. Called SkyScalpel, the tool has been designed to address issues in cloud environments such as where JSON-based policies, particularly in Amazon Web Services Inc., dictate what resources users and systems can access and the actions they perform.

Source: SiliconANGLE