Learn why Gartner® included Mitiga in the Emerging Tech: Techscape for Startups in Cloud and Application Security report

Gavriel Fried

Gavriel Fried

Principal Cloud Security Researcher

Gavriel Fried is a Senior Cloud Security Researcher at Mitiga, where he investigates potential attacks and abuse techniques targeting cloud services and SaaS platforms. Before joining Mitiga, Gavriel held a variety of research roles spanning UEBA, deception technologies, deep packet inspection, red teaming, digital forensics, and malware analysis — essentially, if it involved breaking or analyzing things, he was probably involved. These days, his work focuses on staying one step ahead of attackers in the cloud… and occasionally reminding people that “shared responsibility” doesn’t mean “shared blame.”

Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs – Part 2

This second part of the blog series continues the path to understanding principals and identities in Google Cloud Platform (GCP) Audit Logs. Part one introduced core concepts around GCP logging, the different identity types, service accounts, authentication methods, and impersonation.

Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs – Part 1

Google Cloud Platform (GCP) continues to expand its offerings and remains a top-tier cloud infrastructure service provider. It offers a wide range of services, including Compute Engine (VMs), Google Kubernetes Engine (GKE), BigQuery, Cloud Storage, and Cloud AI Platform. However, in recent years, several vulnerabilities have been reported in some of GCP's services, such as privilege escalation in GKE and CloudSQL.

Understanding GitLab's Security Threats and Strengthening Your Preparedness

GitLab, a cloud-based, open-source Git repository used by over 38,000 companies around the globe, plays a pivotal role in modern software development. For the organizations that rely on it, it’s a vital collaboration tool and innovation enabler, allowing developers to swiftly test, monitor, and deploy code and housing the full CI/CD pipeline.

Ransomware Strikes Azure Storage: Are You Ready?

There’s been a recent surge in cloud ransomware attacks. Examples of such attacks were observed by Sophos X-Ops, which detected the ransomware group BlackCat/ALPHV using a new Sphinx encryptor variant to encrypt Azure storage accounts by employing stolen Azure Storage account keys. The BlackCat/ALPHV ransomware group is the same entity that claimed responsibility for infiltrating MGM’s infrastructure and encrypting more than 100 ESXi hypervisors.