Customers
Why Mitiga
Request a DemoEmergency Assistance
Home
»
Blog Main

We’re proud to release Investigation Workbench, a first-of-its-kind cyber solution that provides instant clarity on all multi-cloud and Software-as-a-Service (SaaS) activities through a single pane of glass. This innovative capability further enhances Mitiga's IR2 Platform, the industry’s only complete cloud investigation and response automation (CIRA) solution.

At a moment when the Securities and Exchange Commission (SEC) is requiring public U.S. companies to report material cybersecurity incidents within 4 days, enterprises are also facing prevalent, damaging, and sophisticated cloud and SaaS incidents. An advancement like Investigation Workbench is invaluable to ensure enterprises have the capabilities required to respond.

“Incident response readiness is a critical step in achieving cyber resilience,” said Dave Gruber, Principal Analyst, Enterprise Strategy Group. “Our research ranks cloud as the top priority for detection and response, which indicates that many organizations still lack the visibility and data needed to rapidly investigate, understand, and respond to attacks within cloud and SaaS applications and infrastructure. Mitiga is helping organizations close this gap with tools like Investigation Workbench and its IR2 Platform that continuously capture, organize, and query forensics-grade cloud data at scale, augmented further by insights from Mitiga's cloud and SaaS IR experts. Incident response can be a slow arduous process in the cloud, and Mitiga is helping simplify and accelerate it.”

Using Mitiga’s Investigation Workbench, Security Operations Center (SOC) teams can see chains of events across vast cloud and SaaS estates to understand the extent of the activities and impact without possessing deep cloud and SaaS investigation expertise. Determining materiality in a short span becomes not only viable but remarkably simpler, empowering internal Incident Response (IR) and SOC teams in a whole new way. They can now quickly decide which cloud and SaaS incidents they can effectively manage in-house, and which larger incidents demand both disclosure and additional support and expertise to contain.

"Since inception, Mitiga has been dedicated to helping organizations proactively prepare for cloud and SaaS attacks so they can respond immediately and get back to business as usual,” stated Tal Mozes, co-founder and CEO, Mitiga. “We enable a level of resilience for modern enterprises that traditional methods can’t. The majority of the industry is playing catch-up, only now understanding that incident response in the cloud and SaaS requires new capabilities to deliver faster response times, reduced investigation overhead, and continuous breach detection. Investigation Workbench builds off our important industry research, helping companies combat today’s sophisticated threats. Not only does it take the market to a new level by removing complexity for internal IR and SOC teams—enabling them to quickly understand an incident and take immediate action to minimize downtime—but it also furthers our leadership position in this emerging CIRA space.”

Investigation Workbench can be used in any situation where there is a need to investigate cloud or SaaS activities, including a security alert, suspected phishing incident, or unusual user behavior, to understand exactly what happened. For example, if a user has been phished, Investigation Workbench can be used to see what actions the user took after the phishing incident. It provides an automated timeline of activities, allowing security teams to assess whether the user downloaded files, read certain emails, or performed other actions that could indicate a security breach. With Investigation Workbench, organizations can swiftly determine whether an incident is minor and can be managed internally or if it's substantial and necessitates further expert intervention.

“2023 has been a tremendous year for Mitiga,” said Mozes, “and we’re so pleased to end the year with the availability of this innovative solution.”

LAST UPDATED:

May 4, 2024

See cloud and SaaS activities clearly. Learn more about Investigation Workbench.

Don't miss these stories:

Frost & Sullivan’s Latest 2025 Frost Radar: The Need for Runtime Cloud Security in a Cloud-First World

Cloud breaches rose 35% year over year in 2024, and legacy security tools are failing to keep up. The rapid sprawl of multi-cloud and SaaS has shattered the assumptions baked into legacy, on-prem, and endpoint-focused security stacks, which can’t keep pace with today’s dynamic attack surfaces.

The Remote Worker Scam: Understanding the North Korean Insider Threat

Recent investigations have uncovered a sophisticated scheme by North Korean operatives to exploit remote work policies in the U.S. tech industry.

Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs – Part 2

This second part of the blog series continues the path to understanding principals and identities in Google Cloud Platform (GCP) Audit Logs. Part one introduced core concepts around GCP logging, the different identity types, service accounts, authentication methods, and impersonation.

Mitiga Security Advisory: Lack of Forensic Visibility with the Basic License in Google Drive

Mitiga's advisory highlights critical gaps in forensic visibility with Google Drive's Basic license, affecting security and incident investigations. Read on.

Cloud Detection vs Cloud Threat Hunting: Insights for Cyber Leaders

As cyber threats evolve, security teams need to detect and mitigate cloud attacks. Learn why cloud detection and threat hunting are key defense strategies.

Oops, I Leaked It Again — How Mitiga Found PII in Exposed Amazon RDS Snapshots

A recent Mitiga Research Team investigation found the well-regarded Amazon Relational Database Service is leaking PII via exposed RDS Snapshots.