Roei Sherman, Senior Director, Mitiga Research

Roei Sherman brings over a decade of experience in adversarial cybersecurity roles, with deep expertise in Red Team operations and applying an adversarial mindset to defensive strategy. His work spans technical Red Team engagements, social engineering, physical security, deception, and incident response across diverse platforms. Roei believes in thinking like a bad guy — which is perfectly fine, as long as you don’t start doing HR’s job too.

Breaking Down the Microsoft Entra ID Actor Token Vulnerability: The Perfect Crime in the Cloud

When we think about catastrophic vulnerabilities in the cloud, we usually imagine complex exploits that require advanced techniques, persistence, or luck. Sometimes a single flaw breaks the trust we put in our identity providers.

October 10, 2025

The Rising Threat of Adversarial AI Attackses: Preparing for the Next Wave of Cloud and SaaS Attacks

Learn about the rising threat of AI-enabled adversaries, uncover how vulnerabilities are exploited, and discover strategies to protect your digital assets now.

January 30, 2025

10 Strategies to Communicate Cloud Security Gaps to Leadership

Read actionable strategies to communicate cloud security gaps and recommendations to leadership.

January 6, 2025

5 Tips to Address the Cybersecurity Skills Gap

Cybersecurity leaders face challenges with the ongoing skills gap. Learn five strategies and tips to address these challenges.

January 6, 2025

IaaS vs PaaS vs SaaS: What Are the Differences?

Learn the different methods businesses use to build, manage, and scale digital infrastructure.

December 30, 2024

5 Common Threat Actor Tactics Used in Cloud, Identity, and SaaS Attacks

Explore five common tactics used in cloud attacks and recommendations on how to defend against them.

December 4, 2024

National Cybersecurity Awareness Month Recommendations

Explore strategies and examples of how to handle cloud security incidents when prevention isn’t enough.

October 29, 2024

Why Cloud Threats in Healthcare are Surging and How to Combat Them

The healthcare industry is having an increasingly challenging time when it comes to cyber security.

July 26, 2024

How Behavioral Detections Aid Healthcare Security

Healthcare organizations face unique cybersecurity challenges due to their hybrid IT (information technology) environments, sensitive data, and resource constraints.

July 18, 2024

Using Gen AI for Cloud Threat Detection and Investigation

AI-driven cloud attacks require and AI-driven response. Learn how AI can automate threat intelligence, accelerate response times, and simplify investigations.

July 8, 2024

The Red Team Mindset: Why Adversarial Testing is Critical for Cloud Security

Attacks against cloud and SaaS deployments are unfortunately inevitable.

July 2, 2024

Overcoming the Challenges of Securing SaaS

Generally speaking, when most CISOs think about their cloud security, they’re keyed into their cloud infrastructure held at big providers like AWS, Azure, and GCP. Their typical focus is on securing virtual machines, storage and networks that run on cloud infrastructure. All of this is hugely important.

March 7, 2024

What Most SOC Teams are Missing in Their Cloud Security

For decades, Security Operations Center (SOC) have been at the foundation of organizational security and risk mitigation. SOCs perform critical operations, helping to keep systems updated and handle the day-to-day monitoring of organizational IT.

February 22, 2024

Microsoft Breach by Midnight Blizzard (APT29): What Happened?

Understand the Midnight Blizzard Microsoft breach by APT29, what happened, and key steps organizations should take to strengthen their defenses.

February 20, 2024

What CSPMs Can't Do for Your Cloud Security

In recent years, Cloud Security Posture Management (CSPM) tools have become increasingly popular, and with good reason. The posture management capabilities a CSPM provides can help an organization better understand cloud configuration to prevent potential security incidents.

February 9, 2024

Roei Sherman