Customers
Why Mitiga
Request a DemoEmergency Assistance

Cutting-Edge Cloud Research. Real-World Cloud Defense.

Welcome to Mitiga Labs, our research and innovation arm dedicated to investigating emerging cloud and SaaS threats and advancing proactive response strategies to help security teams stay ahead of what's next in terms of security risks.

Explore our research

Top 10 Cloud Threats in 2025

MITIGA LABS TEAM | 00.00.25

Built for detection engineers, SOC teams, and cloud defenders, this guide is a must-read for anyone responsible for keeping modern environments secure.

Read Full Report

Purposeful Insights on the Cloud Security Frontier

Mitiga Labs is the research and development engine powering Mitiga’s threat intelligence and response strategies. Our expert team of cloud security researchers focus on emerging attack techniques, publish original findings, and help shape the future of proactive cloud defense.

Mitiga Labs doesn’t just observe the cloud threat landscape – we’re reverse-engineering it.

 Latest from the Labs

Explore the latest discoveries, deep dives, and technical how-tos from the Mitiga Labs team. Our research is dedicated to informing defenders and disrupting attackers.

Hackers in Aisle 5: What DragonForce Taught Us About Zero Trust

A major social engineering campaign by DragonForce hit UK retailers leading to ransomware deployment and data exfiltration. Mitiga Labs examines the attack and highlights where Zero Trust could have stopped it.

RESEARCHERS

Jed Morley

Read More

No One Mourns the Wicked: Your Guide to a Successful Salesforce Threat Hunt

Explore a threat-hunt framework for Salesforce, illustrating behavior-based detection and proactive techniques to identify hidden or early-stage compromises in your org.

RESEARCHERS

Ariel Szarf, Doron Karmi

Read More

Tag Your Way In: New Privilege Escalation Technique in GCP

What if attackers with low-level tag permissions could manipulate IAM Conditions to elevate privileges unexpectedly in Google Cloud Platform? Well, they can!

RESEARCHERS

Ariel Kalman

Read More

Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs – Part 2

Gavriel dives deeper into audit log principals in GCP covering service agents, workload identities, impersonation paths, and how they affect forensic timelines during incident investigations.

RESEARCHERS

Gavriel Fried

Read More

View More

Research Team

Austin Bollinger

Principal Incident Responder

Ariel Kalman

Senior Security Researcher

Ariel Szarf

Senior Security Researcher

Doron Karmi

Senior Security Researcher

Gavriel Fried

Principal Cloud Security Researcher

Idan Cohen

Senior Cloud TDIR

Jed Morley

Senior Incident Responder

Nir Varon

Security analyst

Roei Sherman

Senior Director, Mitiga Research

Ucha Gobejishvili

Senior Incident Responder

Mitiga Helios Al

The next critical capability for Mitiga Al is here. Explore our new solution to automate alert triage and reduce SecOps workload.

Learn More

 Featured Videos

From Snowflake to Snowstorm:
Navigating Breaches and Detections
RSA CONFERENCE
Learn More
It’s Getting Real & Hitting the Fan 2025:
Think You See Me? No You Don't!
RSA CONFERENCE
Learn More
Cloud, Identity & SaaS Forensic
Investigation—Not What You Think!
RSA CONFERENCE
Learn More
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
DenyGot it!
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
DenyGot it!