Michael St.Onge

    Michael St.Onge

    Head of Technical Services

    Michael leads Tamnoon's technical services team, working hands-on with security operators to remediate misconfigurations and vulnerabilities at scale. He writes from the front line of RemOps and SOC workflows.

    LinkedIn

    Articles by Michael (13)

    Automated Remediation Playbooks for Production-Safe Cloud Environments
    RemOps

    Automated Remediation Playbooks for Production-Safe Cloud Environments

    June 15, 2026

    Security teams today face an overwhelming volume of alerts. Cloud Security Posture Management (CSPM) tools like Wiz, Orca Security, and Palo Alto Cortex Cloud effectively identify misconfigurations an…

    Read moreArrow
    Closing the Cloud Security Remediation Gap with RemOps
    RemOps

    Closing the Cloud Security Remediation Gap with RemOps

    June 1, 2026

    Security teams drown in alerts. Engineering teams struggle to fix them without breaking production. This disconnect costs organizations time, resources, and significantly increases risk. Traditional c…

    Read moreArrow
    NIST's NVD Shift Demands a New Vulnerability Strategy
    Vulnerability Management

    NIST's NVD Shift Demands a New Vulnerability Strategy

    April 29, 2026

    NIST's NVD Shift Demands a New Vulnerability Strategy NIST's recent operational changes to the National Vulnerability Database (NVD) aren't just an administrative tweak; they're a seismic shift in how…

    Read moreArrow
    Operational Playbooks for Swift Cloud Security Remediation
    RemOps

    Operational Playbooks for Swift Cloud Security Remediation

    April 5, 2026

    Stop Chasing Alerts and Start Engineering Fixes Your CNAPP is lit up like a Christmas tree, and your remediation backlog is measured in fiscal quarters. It's a familiar story. The industry is saturate…

    Read moreArrow
    CNAPP Alert Fatigue Is Killing Your MTTR: Here is How to Fix It
    RemOps (Remediation Operations)

    CNAPP Alert Fatigue Is Killing Your MTTR: Here is How to Fix It

    March 12, 2026

    Your CNAPP Isn't Lying, It's Just Not HelpingThe thousands of alerts pouring out of your Cloud Native Application Protection Platform (CNAPP) are technically correct. Your Wiz, Orca, or Prisma Cloud i…

    Read moreArrow
    Coruna Exploit Kits Are Hitting Your Mobile-First Workforce: How to Neutralize Spy-Grade Threats
    Vulnerability Management

    Coruna Exploit Kits Are Hitting Your Mobile-First Workforce: How to Neutralize Spy-Grade Threats

    March 11, 2026

    Coruna Exploit Kits Are Hitting Your Mobile-First Workforce: How to Neutralize Spy-Grade Threats A compromised iPhone is now a privileged cloud endpoint. This isn't a theoretical risk; it's the operat…

    Read moreArrow
    Closing the Breach Window: Stop Exploits Without Breaking Production
    Vulnerability Management

    Closing the Breach Window: Stop Exploits Without Breaking Production

    March 11, 2026

    Deconstructing the Breach Window From Detection to ExploitationThe operational gap between detecting a vulnerability and actually fixing it's where breaches happen. Your security team gets an alert fr…

    Read moreArrow
    Industrial AI Frameworks Fail: Your Alert List Isn't a Defense Plan
    RemOps

    Industrial AI Frameworks Fail: Your Alert List Isn't a Defense Plan

    March 11, 2026

    Your industrial AI frameworks are just as vulnerable as the rest of your stack. That's the operational reality security teams are grappling with. Frameworks like LangChain, Langflow, and LiteLLM aren'…

    Read moreArrow
    AI Vulnerability Scanners: Production Impact and Risk Analysis
    Vulnerability Management

    AI Vulnerability Scanners: Production Impact and Risk Analysis

    March 5, 2026

    Your AI scanner just caused a production outage. It was supposed to be the solution to alert fatigue. Instead of a meaningless list of ten thousand CVEs from Wiz, Prisma, or Orca, the new AI-powered s…

    Read moreArrow
    Vulnerability Exploitation: Why Your Patch Cycle is Already Too Slow
    Vulnerability Management

    Vulnerability Exploitation: Why Your Patch Cycle is Already Too Slow

    March 3, 2026

    Vulnerability Exploitation: Why Your Patch Cycle is Already Too Slow Your weekly patch cycle is now a documented liability. While your teams follow a traditional cadence of scan, prioritize, and deplo…

    Read moreArrow
    Alerts Aren't Defenses: Why Your Security Stack Fails at Remediation
    RemOps (Remediation Operations)

    Alerts Aren't Defenses: Why Your Security Stack Fails at Remediation

    March 2, 2026

    Your Detection Stack Is a Liability Without a Fix Your CSPM just found 5,000 "critical" vulnerabilities. A normal Monday. For security teams, this isn't intelligence; it's inventory. An ever-growing l…

    Read moreArrow
    Shadow LLMs Are Leaking Your Secrets: Stopping AI Tool Breaches
    RemOps (Remediation Operations)

    Shadow LLMs Are Leaking Your Secrets: Stopping AI Tool Breaches

    February 28, 2026

    Find the Bleed: Tactical Discovery of Shadow AI in Your Cloud Analyzing Egress Traffic Patterns Finding shadow AI isn't about buying another tool. It's about using the data you already have. Start wit…

    Read moreArrow
    Deepfake Identity Attacks: Why Your MFA Isn't Enough Anymore
    RemOps (Remediation Operations)

    Deepfake Identity Attacks: Why Your MFA Isn't Enough Anymore

    February 26, 2026

    Deepfake Identity Attacks: Why Your MFA Isn't Enough AnymoreYour MFA is a locked front door, but attackers are now teleporting directly into the living room.Multi-factor authentication was the correct…

    Read moreArrow