That’s a wrap on another Blackhat


Blackhat 2024 wrapped up last week and we had quite a show! We advanced our Purple Team, creating a new asset for our partners to advance their sales and spread the news on Skyhawk; discussed our automated response capabilities, a clear differentiator, with prospects; and had great conversations at the booth!

Free Purple Team Assessment finds threats in one hour 

At re:Invent, we announced the Purple Team, and at Blackhat, we announced the free Purple Team Assessment. In just one hour, Skyhawk Security will collect logs, telemetry, and other information to identify the threats within your cloud, and then prioritize them by the business value of the asset that the threat makes vulnerable. This information ensures organizations can address the issues that would cause the greatest harm to the business. The Purple Team Assessment predicts where threat actors will go, so those issues can be fixed to prevent the cloud breach.

If you would like to get more information on the free assessment, fill out the form on the page. 

Automated response is a clear differentiator 

Skyhawk Security’s automated response enables organizations to leverage automation safely and effectively. With the AI-based purple team, you can see what the AI-red team simulated to get to your crown jewels. The platform will then create an automated response to stop the threatening behavior. Everything is verified in the AI simulation, so security teams can confidently leverage the response. Check out the blog for more. 

Top Questions at the booth 

  • What do you mean when you say purple team? 
    • We say Purple Team because we have a red team and a blue team “fighting” each other, and these blend to create the purple team. These are completely AI-based teams, and the execution of the “fight” happens in a Simulation Twin so it will not impact production. The purple team leverages business priority rules and automation to identify the crown jewel assets that, if breached, would cause damage to your company. We prioritize threats based on the business value of the asset so you know what to fix first. Check out the Purple Team page for more information.
  • What is the Purple Team Assessment? What does that mean? 
    • If you give us one hour, we can help you identify threats in your cloud and then prioritize them based on the business value of the effort. Check out our press release for more information. At the end of the assessment, we will give you a report to clearly communicate to senior leadership how the Purple Team will help you. This is a completely free assessment. 
  • How many people are part of the red team and the blue team? 
    • We do not have a red team or blue team staffed with people; it is all AI-based. Check out this 3-minute video to learn more about the purple team and how we use AI that is continuously running to find weaknesses in the cloud attack surface to prioritize and fix threats. The team at Gestalt IT also mentions how using AI for red and blue teaming is a great use case.
  • How do you collect the data? Is it agents? 
    • We do not use agents. We collect data from logs, telemetry, even security tools like AWS GuardDuty. We sort through all this information and correlate it into an attack sequence, weeding out benign events and focusing on what is a threat. Alerts from Skyhawk need your attention. They are verified alerts. 
  • Will this help with alert fatigue? 
    • Yes! As stated, Skyhawk Synthesis Security Platform sorts through thousands of events, logs, telemetry, and input from other security tools and surfaces verified alerts. In this blog, you can see a real customer environment where the platform sorted through 60,000 events to deliver 50 verified alerts. SOC teams are overwhelmed if they are presented with 60K events, but they can address 50 verified alerts. 
  • What is used for threat detection? Is it just patterns? 
      • To prevent drift 
      • To ensure that threat actors cannot reverse engineer them 
      • And finally, to ensure that as your cloud architecture evolves and changes, the threat detection models are also aligned to ensure your cloud security is aligned with the cloud architecture. 

 

Action at the booth.  

Thanks to the Cloud Security Alliance, we had a Certificate of Cloud Security Knowledge (CCSK) to raffle off at the booth. Congratulations to the winner! We had many very good conversations, and several security experts were very interested in the AI-based Autonomous Purple Team, and seeing the report from the Assessment showed that this is real. We look forward to following up with everyone who stopped by the booth!  

 
