Inside Out Security - Inside Out Security

Nitay Bachrach

Nitay is a security researcher based in Tel Aviv, but you might encounter him anywhere in world. He is a cloud security expert, highly experienced in offensive security operations and reverse engineering. Nitay’s expertise also includes IoT devices, Linux, and local network security.

Latest articles

Ghost Sites: Stealing Data From Deactivated Salesforce Communities

Nitay Bachrach

May 31, 2023

Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.

Neo4jection: Secrets, Data, and Cloud Exploits

Nitay Bachrach

Feb 08, 2023

With the continuous rise of graph databases, especially Neo4j, we're seeing increased discussions among security researchers about issues found in those databases. However, given our experience with graph databases ― from designing complex and scalable solutions with graph databases to attacking them ― we've noticed a gap between public conversations and our security researchers' knowledge of those systems.

Einstein's Wormhole: Capturing Outlook & Google Calendars via Salesforce Guest User Bug

Nitay Bachrach

Nov 02, 2021

If your organization uses Salesforce Communities and Einstein Activity Capture, you might have unknowingly exposed your administrator's Outlook or Google calendar events to the internet due to a bug called...

Abusing Misconfigured Salesforce Communities for Recon and Data Theft

Nitay Bachrach

Oct 21, 2021

Our research team has discovered numerous publicly accessible Salesforce Communities that are misconfigured and expose sensitive information.

We're Varonis.

Our mission is to deliver meaningful security outcomes on autopilot.
No overhead. Just outcomes.

Learn more