Feature Release: Adversary Emulation Meets GenAI & More

We are excited to release powerful features to the Mitigant Security Platform: Attack Emulation for AWS GenAI services, Mitigant API, and support for AWS Organizations. These features empower organizations to use GenAI cloud services securely.

Emulating and Detecting Scattered Spider-like Attacks

Emulating and Detecting Scattered Spider-like Attacks

This article shows how to leverage Threat-Informed Defense to effectively tackle cloud threat actors, e.g., Scattered Spider. Practical attacks & appropriate defense are demonstrated using Mitigant Cloud Attack Emulation & the Sekoia SOC Platform.

Bedrock or Bedsand: Attacking Amazon Bedrock’s Achilles Heel

Bedrock or Bedsand: Attacking Amazon Bedrock’s Achilles Heel

Amazon Bedrock's Achilles heel is the adoption of S3 as a RAG data source, leading to several GenAI attack vectors, including data poisoning, denial of service & S3 ransomware. This article delves into these attack vectors, detection, and mitigation.

Cloud Attack Emulation: Democratizing Security Operations in the Cloud

Cloud Attack Emulation: Democratizing Security Operations in the Cloud

Security operations are the nerve of organizational cybersecurity efforts. An organization’s security policy typically aims to keep it safe by implementing preventive, detective, and recovery measures. Security operations ensure this ambition by s...

MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care - Part II

Cyber Resilience

MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care - Part II

The MITRE ATT&CK Framework v.14 was released in October 2023 with over 18 new techniques. In the first part of this blog,

DevSecOps in Kubernetes

DevSecOps in Kubernetes

The talk is about how to or how to not implement cloud native projects in highly regulated environments.

MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care. Part I

Cyber Resilience

MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care. Part I

February 23, 2024

The MITRE ATT&CK Framework has become an essential aspect of modern cybersecurity architecture. The framework provides critical ...

Cloud Attack Emulation & Detection Engineering: A Match Made in Heaven

Cloud Attack Emulation & Detection Engineering: A Match Made in Heaven

January 23, 2024

Cloud Attack Emulation and Detection Engineering are revolutionizing how we tackle cyber threats in cloud infrastructure...

The Best of Mitigant Blog Articles in 2023

The Best of Mitigant Blog Articles in 2023

December 28, 2023

Read Mitigant's top 10 most-performing blog posts in 2023 about cloud-native security and cyber resilience.

Navigating the Trifecta: Balancing Cybersecurity, Compliance, and Cyber Resilience

Cyber Resilience

Navigating the Trifecta: Balancing Cybersecurity, Compliance, and Cyber Resilience

December 1, 2023

Cybersecurity teams have a single goal: to keep the business safe from malicious entities. However, the path to achieving this goal is...

Cloud Attack Emulation: Enhancing Cloud-Native Security With Threat-Informed Defense

Cyber Resilience

Cloud Attack Emulation: Enhancing Cloud-Native Security With Threat-Informed Defense

September 19, 2023

Speed and agility are essential for effectively achieving cybersecurity goals in this cloud-native era. High-performing engineering ...

Is Your Cloud NIS2 Ready?

Cloud Compliance

Is Your Cloud NIS2 Ready?

August 16, 2023

Ensuring the cloud is secure, compliant, and resilient is one of the responsibilities of cloud customers. One of the upcoming...

Leveraging Security Chaos Engineering for Cloud Cyber Resilience - Part II

Cyber Resilience

Leveraging Security Chaos Engineering for Cloud Cyber Resilience - Part II

The first part of this blog series discussed the difference between cyber resilience and cyber security and decoupled the concept of...

Super Charging Cloud Detection & Response with Security Chaos Engineering

Cyber Resilience

Super Charging Cloud Detection & Response with Security Chaos Engineering

Effective Cloud Detection & Response (CDR) strategies are imperative for promptly identifying and responding to cloud security events.

Leveraging Security Chaos Engineering for Cloud Cyber Resilience - Part I

Cyber Resilience

Leveraging Security Chaos Engineering for Cloud Cyber Resilience - Part I

In today's rapidly evolving threat landscape, cyber resilience is crucial for organizations to effectively defend against and thwart...

Security Chaos Engineering 101: The Mind Map & Feedback Loop

Cyber Resilience

Security Chaos Engineering 101: The Mind Map & Feedback Loop

This is the third article in the Security Chaos Engineering 101 series. The first article laid the foundation for considering Security...

Security Chaos Engineering 101: Getting Your Hands Dirty

Cyber Resilience

Security Chaos Engineering 101: Getting Your Hands Dirty

Security Chaos Engineering (SCE) is a novel approach to cyber security; its core fundamentals are based on the principles of chaos engine

Security Chaos Engineering 101: Fundamentals

Cyber Resilience

Security Chaos Engineering 101: Fundamentals

This article discusses the positioning of Security Chaos Engineering (SCE) as an aspect of security engineering. The primary motivation i

CIS Benchmarks for Cloud Infrastructure Security Compliance

Cloud Compliance

CIS Benchmarks for Cloud Infrastructure Security Compliance

January 10, 2023

You have probably seen or read the term CIS benchmarks when searching for cloud security compliance on the Internet. CIS benchmark is...

Demystifying Security Chaos Engineering - Part II

Cyber Resilience

Demystifying Security Chaos Engineering - Part II

December 20, 2022

The first part of this blog series discussed the origins of chaos engineering and how its application to cloud-native security could...

Why You Might Need BSI C5 Compliance for Your Cloud Infrastructure

Cloud Compliance

Why You Might Need BSI C5 Compliance for Your Cloud Infrastructure

December 5, 2022

With numerous cloud security best practices and standards available on the market, Germany's Federal Office for Information Security...

Demystifying Security Chaos Engineering - Part I

Cyber Resilience

Demystifying Security Chaos Engineering - Part I

October 22, 2022

We are witnessing an upsurge of high-profile attacks in recent times, and the attacks that impacted prominent companies are the most...

Why Securing Your Cloud-Native Infrastructure is Necessary

Why Securing Your Cloud-Native Infrastructure is Necessary

September 12, 2022

Cloud-native adoption has risen in the past few years, which powers today's digital IT infrastructure. According to Flexera's State of...

Drift Management in Cloud Infrastructure

Drift Management in Cloud Infrastructure

September 5, 2022

Managing cloud drifts is one of the challenges faced by cloud-native enterprises. While it might be easy to orchestrate complex cloud...

What is Continuous Cloud Compliance?

Cloud Compliance

What is Continuous Cloud Compliance?

Cloud infrastructure has become the operating system for digital transformation initiatives. Enterprises are rapidly adopting cloud...

Defeating Ransomware Attacks With Security Chaos Engineering - Part II

Cyber Resilience

Defeating Ransomware Attacks With Security Chaos Engineering - Part II

The first blog post in this 2-part series discussed ransomware’s impact, existing countermeasures, and limitations of these countermeasur

Defeating Ransomware Attacks With Security Chaos Engineering - Part I

Cyber Resilience

Defeating Ransomware Attacks With Security Chaos Engineering - Part I

The rate of ransomware attacks has rapidly increased in recent times to an alarming 105% so much that the last two years are dubbed...

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Join The Cloud Security Revolution Today!

Take control of your cloud security in minutes. No credit card required.

Start 30-day Free Trial