Search

MITRE ATT&CK Cloud Matrix v.16: New Techniques & Why You Should Care Part I

The MITRE ATT&CK Framework v.16 was released in October 2024 with over 19 new techniques. This blog discusses two new Cloud Matrix sub-techniques: Modify Authentication Process: Conditional Access Policies (T1556) and Resource Hijacking: Cloud

Read More
All Categories
Cloud Compliance
Cyber Resilience
Cloud Security
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Exploring the Threat Landscape for GenAI Cloud Workloads
Cloud Security
Exploring the Threat Landscape for GenAI Cloud Workloads
October 28, 2024
With GenAI adoption rising significantly in various sectors over the past years, the threat landscape associated with GenAI will also evolve rapidly. Learn more about what security challenges can potentially threaten the cloud GenAI workloads.
Read More
Demystifying Amazon Bedrock LLMJacking Attacks
Cloud Security
Demystifying Amazon Bedrock LLMJacking Attacks
October 13, 2024
LLMJacking attacks are increasingly targeting GenAI workloads on Amazon Bedrock. Cybercriminals illegally gain access to Large Language Models during LLMJacking attacks and resell this access via chatbots for profit.
Read More
Feature Release: Adversary Emulation Meets GenAI & More
Cloud Security
Feature Release: Adversary Emulation Meets GenAI & More
August 1, 2024
We are excited to release powerful features to the Mitigant Security Platform: Attack Emulation for AWS GenAI services, Mitigant API, and support for AWS Organizations. These features empower organizations to use GenAI cloud services securely.
Read More
Emulating and Detecting Scattered Spider-like Attacks
Cloud Security
Emulating and Detecting Scattered Spider-like Attacks
July 24, 2024
This article shows how to leverage Threat-Informed Defense to effectively tackle cloud threat actors, e.g., Scattered Spider. Practical attacks & appropriate defense are demonstrated using Mitigant Cloud Attack Emulation & the Sekoia SOC Platform.
Read More
Bedrock or Bedsand: Attacking Amazon Bedrock’s Achilles Heel
Cloud Security
Bedrock or Bedsand: Attacking Amazon Bedrock’s Achilles Heel
July 10, 2024
Amazon Bedrock's Achilles heel is the adoption of S3 as a RAG data source, leading to several GenAI attack vectors, including data poisoning, denial of service & S3 ransomware. This article delves into these attack vectors, detection, and mitigation.
Read More
Cloud Attack Emulation: Democratizing Security Operations in the Cloud
Cloud Security
Cloud Attack Emulation: Democratizing Security Operations in the Cloud
July 2, 2024
Security operations are the nerve of organizational cybersecurity efforts. An organization’s security policy typically aims to keep it safe by implementing preventive, detective, and recovery measures. Security operations ensure this ambition by s...
Read More
MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care - Part II
Cyber Resilience
MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care - Part II
May 31, 2024
The MITRE ATT&CK Framework v.14 was released in October 2023 with over 18 new techniques. In the first part of this blog,
Read More
DevSecOps in Kubernetes
Cloud Security
DevSecOps in Kubernetes
May 24, 2024
The talk is about how to or how to not implement cloud native projects in highly regulated environments.
Read More
MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care. Part I
Cyber Resilience
MITRE ATT&CK Cloud Matrix: New Techniques & Why You Should Care. Part I
February 23, 2024
The MITRE ATT&CK Framework has become an essential aspect of modern cybersecurity architecture. The framework provides critical ...
Read More
Cloud Attack Emulation & Detection Engineering: A Match Made in Heaven
Cloud Security
Cloud Attack Emulation & Detection Engineering: A Match Made in Heaven
January 23, 2024
Cloud Attack Emulation and Detection Engineering are revolutionizing how we tackle cyber threats in cloud infrastructure...
Read More
The Best of Mitigant Blog Articles in 2023
Cloud Security
The Best of Mitigant Blog Articles in 2023
December 28, 2023
Read Mitigant's top 10 most-performing blog posts in 2023 about cloud-native security and cyber resilience.
Read More
Navigating the Trifecta: Balancing Cybersecurity, Compliance, and Cyber Resilience
Cyber Resilience
Navigating the Trifecta: Balancing Cybersecurity, Compliance, and Cyber Resilience
December 1, 2023
Cybersecurity teams have a single goal: to keep the business safe from malicious entities. However, the path to achieving this goal is...
Read More
Cloud Attack Emulation: Enhancing Cloud-Native Security With Threat-Informed Defense
Cyber Resilience
Cloud Attack Emulation: Enhancing Cloud-Native Security With Threat-Informed Defense
September 19, 2023
Speed and agility are essential for effectively achieving cybersecurity goals in this cloud-native era. High-performing engineering ...
Read More
Is Your Cloud NIS2 Ready?
Cloud Compliance
Is Your Cloud NIS2 Ready?
August 16, 2023
Ensuring the cloud is secure, compliant, and resilient is one of the responsibilities of cloud customers. One of the upcoming...
Read More
Leveraging Security Chaos Engineering for Cloud Cyber Resilience - Part II
Cyber Resilience
Leveraging Security Chaos Engineering for Cloud Cyber Resilience - Part II
July 31, 2023
The first part of this blog series discussed the difference between cyber resilience and cyber security and decoupled the concept of...
Read More
Super Charging Cloud Detection & Response with Security Chaos Engineering
Cyber Resilience
Super Charging Cloud Detection & Response with Security Chaos Engineering
July 5, 2023
Effective Cloud Detection & Response (CDR) strategies are imperative for promptly identifying and responding to cloud security events.
Read More
Leveraging Security Chaos Engineering for Cloud Cyber Resilience - Part I
Cyber Resilience
Leveraging Security Chaos Engineering for Cloud Cyber Resilience - Part I
June 7, 2023
In today's rapidly evolving threat landscape, cyber resilience is crucial for organizations to effectively defend against and thwart...
Read More
Security Chaos Engineering 101: The Mind Map & Feedback Loop
Cyber Resilience
Security Chaos Engineering 101: The Mind Map & Feedback Loop
April 19, 2023
This is the third article in the Security Chaos Engineering 101 series. The first article laid the foundation for considering Security...
Read More
Security Chaos Engineering 101: Getting Your Hands Dirty
Cyber Resilience
Security Chaos Engineering 101: Getting Your Hands Dirty
April 2, 2023
Security Chaos Engineering (SCE) is a novel approach to cyber security; its core fundamentals are based on the principles of chaos engine
Read More
Security Chaos Engineering 101: Fundamentals
Cyber Resilience
Security Chaos Engineering 101: Fundamentals
March 6, 2023
This article discusses the positioning of Security Chaos Engineering (SCE) as an aspect of security engineering. The primary motivation i
Read More
CIS Benchmarks for Cloud Infrastructure Security Compliance
Cloud Compliance
CIS Benchmarks for Cloud Infrastructure Security Compliance
January 10, 2023
You have probably seen or read the term CIS benchmarks when searching for cloud security compliance on the Internet. CIS benchmark is...
Read More
Demystifying Security Chaos Engineering - Part II
Cyber Resilience
Demystifying Security Chaos Engineering - Part II
December 20, 2022
The first part of this blog series discussed the origins of chaos engineering and how its application to cloud-native security could...
Read More
Why You Might Need BSI C5 Compliance for Your Cloud Infrastructure
Cloud Compliance
Why You Might Need BSI C5 Compliance for Your Cloud Infrastructure
December 5, 2022
With numerous cloud security best practices and standards available on the market, Germany's Federal Office for Information Security...
Read More
Demystifying Security Chaos Engineering - Part I
Cyber Resilience
Demystifying Security Chaos Engineering - Part I
October 22, 2022
We are witnessing an upsurge of high-profile attacks in recent times, and the attacks that impacted prominent companies are the most...
Read More
Why Securing Your Cloud-Native Infrastructure is Necessary
Cloud Security
Why Securing Your Cloud-Native Infrastructure is Necessary
September 12, 2022
Cloud-native adoption has risen in the past few years, which powers today's digital IT infrastructure. According to Flexera's State of...
Read More
Drift Management in Cloud Infrastructure
Cloud Security
Drift Management in Cloud Infrastructure
September 5, 2022
Managing cloud drifts is one of the challenges faced by cloud-native enterprises. While it might be easy to orchestrate complex cloud...
Read More
What is Continuous Cloud Compliance?
Cloud Compliance
What is Continuous Cloud Compliance?
July 21, 2022
Cloud infrastructure has become the operating system for digital transformation initiatives. Enterprises are rapidly adopting cloud...
Read More
Defeating Ransomware Attacks With Security Chaos Engineering - Part II
Cyber Resilience
Defeating Ransomware Attacks With Security Chaos Engineering - Part II
May 18, 2022
The first blog post in this 2-part series discussed ransomware’s impact, existing countermeasures, and limitations of these countermeasur
Read More
Defeating Ransomware Attacks With Security Chaos Engineering - Part I
Cyber Resilience
Defeating Ransomware Attacks With Security Chaos Engineering - Part I
April 19, 2022
The rate of ransomware attacks has rapidly increased in recent times to an alarming 105% so much that the last two years are dubbed...
Read More
No Result Found
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Join The Cloud Security Revolution Today!

Take control of your cloud security in minutes. No credit card required.
Start 30-day Free Trial