The Best of Mitigant Content in 2024
Happy New Year! Over the past year, our blog articles and webinar sessions have garnered attention from cloud security professionals, industry analysts, and critical decision-makers. These outcomes strongly resonate with our passion for delivering valuable insights, thought leadership, and actionable advice on critical cloud security topics that enable organizations to maintain a secure and resilient cloud posture.
We’re excited to highlight the content on our website that resonated most with our audience. The list covers the ten top-performing blog articles and webinar sessions, starting with the most popular.
1. Bedrock or Bedsand: Attacking Amazon Bedrock’s Achilles Heel
Generative Artificial Intelligence (GenAI) took the world by storm last year. Organizations are increasingly leveraging Amazon Bedrock to power their GenAI applications. Amazon Bedrock provides access to several Foundation Models (FMs) from leading AI companies.
However, a firm understanding of the shared responsibility model and its peculiar application to Bedrock is imperative for maintaining a healthy cloud security posture. This blog post delves into several security issues with Bedrock, including possible implications, detection opportunities, and mitigations.
Have a look at the article here.
2. Cloud Attack Emulation: Democratizing Security Operations in the Cloud
Security operations are the nerve of organizational cybersecurity efforts. An organization’s security policy typically aims to keep it safe by implementing preventive, detective, and recovery measures. Security operations ensure this ambition by synergizing disparate security efforts into a centrally coordinated, cohesive capability. Despite the indisputable relevance of this capability for adequate security, several organizations lack security operations capability due to the high costs involved.
This article strongly advocates for the urgent need to democratize security operations, using Cloud Attack Emulation as a vital enabler for cheaply and efficiently owning critical capabilities, such as cloud penetration tests, red/purple teaming exercises, and incident response readiness.
Read the full scoop here.
3. MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care. Part I
The MITRE ATT&CK Framework has become an essential aspect of modern cybersecurity strategies. The framework provides critical information about attacker tactics and techniques, which is imperative for adopting effective defenses. The MITRE ATT&CK Framework v.14 was released in October 2023 with over 18 new techniques. We look at two of the four techniques relevant to the IaaS section of the MITRE ATT&CK Matrix for Enterprise:
- Abuse Elevation Control Mechanism - Temporary Elevated Cloud Access
- Credentials from Password Stores: Cloud Secrets Management Stores.
Read the complete article here.
4. Security Chaos Engineering 101: Fundamentals
This article discusses the positioning of Security Chaos Engineering (SCE) as an aspect of security engineering. The primary motivation is to allow security engineers and other cyber-security professionals to view SCE as an integral aspect of security engineering, not an esoteric craft. Adopting this mindset is vital for demystifying SCE and gaining its inherent benefits. Furthermore, two misconceptions about SCE are addressed in this article to present objective information and clarity of knowledge.
Read the complete article here.
5. Cloud Attack Emulation & Detection Engineering: A Match Made in Heaven
Cloud Attack Emulation and Detection Engineering are revolutionizing how we tackle cyber threats in cloud infrastructure. This synergy is imperative for modern security teams and is comparable to the art of swordsmithing. The balanced combination of heat, tempering, and appropriate materials produces a masterpiece sword, a formidable weapon wielded by skilled warriors to conquer adversaries.
This article overviews cloud attack emulation and how its adoption enhances detection engineering capabilities. It demonstrates the critical role of detection engineering with practical examples, such as identifying detection gaps due to AWS API changes and MITRE ATT&CK version releases. Furthermore, the article outlines steps to integrate attack emulation into the Detection Engineering lifecycle.
Read the complete article here.
6. Exploring the Role of Research in Cloud Security
In this webinar, we were privileged to have Christophe Parisel, a renowned figure in cloud security research, as our guest speaker. He was joined by our CTO and Co-Founder, Kennedy Torkura, who brings his wealth of experience to the table. Both experts shared their research backgrounds and how they have shaped their professional journeys. The webinar delved into how cutting-edge research uncovers cloud vulnerabilities and weaknesses, such as those in AI workflows and Kubernetes clusters, and drives the development of solutions to stay ahead of evolving threats.
This webinar was tailored to offer invaluable insights into the intersection of cloud research, innovation, and security, making it relevant to different categories of security professionals.
Watch the webinar recording on YouTube.
7. Emulating and Detecting Scattered Spider-Like Attacks
Scattered Spider has been a notorious threat actor in recent years. They are responsible for several high-profile cyberattacks, including the ransomware attack against MGM Resorts in 2023. This article, a collaboration between Mitigant and Sekoia, showcases how organizations can thwart attacks by implementing TTPs associated with Scattered Spider. The approach discussed combines Mitigant Cloud Attack Emulation and the Sekoia Security Operations Center (SOC) Platform, essentially a Threat-Informed Defense strategy that emphasizes fusing defensive measures, Cyber Threat Intelligence, and security validation.
Read the complete article here.
8. Cloud Attack Emulation: The Swiss Knife for Effective Security Operations in Cloud Infrastructure
In this webinar, Kennedy Torkura, our CTO and co-founder, provides valuable insights and practical knowledge on using Cloud Attack Emulation to enhance security operations. This session offers strategies and tools for fortifying cloud infrastructure against emerging threats.
Cloud Attack Emulation is an innovative approach that significantly enhances cloud security posture. It hinges on emulating many potential threats, from simple attacks to complex, multi-stage attacks, such as Advanced Persistent Threats. This approach enables the identification of weaknesses, testing the effectiveness of implemented security measures, enhancing incident response capabilities, and consolidating a Threat-Informed Defense strategy.
Watch the webinar recording on YouTube.
9. MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care. Part II
This article examines two more techniques added to the Cloud Matrix of MITRE ATT&CK Framework v.14: Log Enumeration (T1654) and Modify Cloud Compute Infrastructure: Modify Cloud Compute Configurations (T1578.005). We describe examples of attacks, mitigation strategies, and detection opportunities for each technique.
Read the complete article here.
10. Demystifying Amazon Bedrock LLMJacking Attacks
LLMJacking is one of the most prolific attacks against GenAI cloud workloads. During an LLMJacking attack, cybercriminals illegally gain access to a Large Language Model (LLM) and use it at will. The primary motivation is to avoid the enormous bills accrued when using foundational models offered on cloud platforms (up to $46,000 of LLM consumption per day). Most LLMJacking attacks target Amazon Bedrock, which offers foundational models from leading AI companies, such as Anthropic, Cohere, Meta, and Stability AI.
Check the article here.
What’s Next: Unique Content Planned, Don’t Miss.
As we reflect on our most popular content, we’re reminded of the importance of listening to our audience. The feedback and engagement we receive from the community are critical to crafting resources that address real-world cloud security challenges.
We’re committed to delivering even more value in 2025: blogs about cutting-edge cloud security technologies, insightful webinars, and practical resources to help you stay ahead of threats. Do not hesitate to sign up for our newsletter so you do not miss out.
Which of these topics did you find most valuable? Let us know. You can contact us here: https://www.mitigant.io/en/contact or you can reach out on LinkedIn or X (formerly Twitter).