How Behavioral Detections Aid Healthcare Security

Healthcare organizations face unique cybersecurity challenges due to their hybrid IT (information technology) environments, sensitive data, and resource constraints.

Automating AWS Infrastructure Creation with Crossplane and GitOps

A while back, I started migrating my CD to a full GitOps process.

Understanding Cloud Threat Hunting

An excerpt from Cloud Threat Detection, Investigation, and Response for Dummies®.

Using Gen AI for Cloud Threat Detection and Investigation

AI-driven cloud attacks require an AI-driven response. Learn how AI can automate threat intelligence, accelerate response times, and simplify investigations.

The Red Team Mindset: Why Adversarial Testing is Critical for Cloud Security

Attacks against cloud and SaaS deployments are unfortunately inevitable.

Investigator's Guide to SaaS Incident Response: Part One—Okta Log Fields

As organizations continue to shift to cloud-based or entirely cloud-native environments, incident responders now have the challenging task of researching and deciphering how each SaaS vendor can be both attacked and investigated.

The Role of Third-party Validation in your Cloud Security

In recent weeks, the cybersecurity community has been abuzz with news about a potential data breach at one of the leading cloud data platforms.

Mitiga welcomes Amir Gabrieli as Vice President of Product

We’re proud to announce that Amir Gabrieli has been appointed as Mitiga’s Vice President of Product. With a distinguished career spanning over two decades in cloud and cybersecurity, Amir is an industry veteran.

Tactical Guide to Threat Hunting in Snowflake Environments

It was brought to our attention that a threat actor has been observed using stolen customer credentials to target organizations utilizing Snowflake databases. This campaign focused on data theft and extortion. The threat actor primarily exploited environments lacking two-factor authentication (2FA) and originated from commercial VPN IPs. An attack tool named “rapeflake” has been identified in these incidents, though detailed information about the tool itself remains unknown. The threat actor has directly extorted organizations, further pressuring them by publicly posting stolen data for sale on hacker forums. The full extent of their activities is still under investigation, and we will update this section as new information becomes available.