Skyhawk Security re:Invent Recap

AWS Security Blog Cloud Security

Re:Invent has come to a close and we had a great week! 

We kicked off the week with our product announcement. Did you know that most threat actors (70%) are logging into the cloud – they are not “breaking in”. Today, threat actors are using leaked credentials and API keys to log into the cloud, making it hard for the SOC to determine which activities are malicious given a legitimate identity was compromised. Skyhawk’s new capability, Interactive CDR, verifies suspicious activity with the cloud asset owner, who can indicate whether the behavior is a threat or legitimate, though irregular activity. With Skyhawk’s Interactive CDR, enterprises add a cloud-native zero trust solution to their overall zero trust strategy to help prevent cloud breaches natively. 

How does it work? 

When an abnormal activity is detected, the cloud asset owner is determined, and an alert is sent to their phone asking them to confirm if they are the ones executing the activity or not. If they are, they can just say “Yes, it is me”, additional context is added to the alert which helps the SOC reduce alert fatigue. If the asset owner says, “No, report it”, then all alarms go off, the SOC knows they need to take action fast. Read the blog or press release for more information.  

Skyhawk’s proactive and interactive CDR in a single platform for the very first time bridges the gaps and reduces friction between cloud teams, cloud security and SOC, and reduces the alert fatigue. It adds context both proactively, before an incident happens and interactively, when an incident happens. And the market was clearly listening as we had lots of coverage!  

SC Media recognized the need to align with zero trust principles by treating all users – inside or out – with suspicion. ChannelE2E and MSSP covered the news as well. This really showed us that many recognize this risk – threat actors with credentials are all too common and the strain on the SOC to find these threat actors is high.  Finally, you can read these more from Solutions Review, SiliconAngle, Market Insider by Business Insider, and SecurityWeek 

We had several great conversations with prospects – when we said threat actors are logging in – there was 100% agreement on that. Many were very interested in how we add security validate proactively as well as add context and differentiate between a real threat and just one-off behavior from employees interactively. Skyhawk Security’s Platform is an award-winning technology, and this latest enhancement furthers the goal – to prevent cloud breaches. 

People still like the giveaways! Light-up wristbands, sleep masks, and Bluetooth speakers were all on the scene and people stopped to learn about Skyhawk but also pick up some swag 😊 which was a hit!  

Finally, as always, it is always great to see our coworkers, friends, and colleagues who are so far away.  

You can try the product for free – sign up today! 

Blog

Skyhawk Security has obtained Cloud Security Alliance (CSA) Security, Trust & Assurance Registry (STAR) Level 1, meaning that Skyhawk has publicly documented its compliance with CSA’s Cloud Controls Matrix (CCM). CSA STAR Level 1 (self-assessment) documents the security controls provided

Cloud Security
Blog

Skyhawk Security recently announced at RSA 2025 an expansion of our AI-Powered Purple Team to secure cloud applications and how they interact with the cloud infrastructure they are hosted on. This new capability identifies weaponized risks in cloud applications, the

Cloud Security
Blog

There are several reasons why cloud security is so challenging, and the leading issue is roles and responsibilities. In the cloud there are three main groups that interact when securing the cloud: Cloud Security Team, Security Operations Center, and DevOps.

Management
Blog

As Skyhawk Security wraps up another RSA, we can reflect on the conversations, learnings, and fun. The conversations at the booth are always good, and it is clear that organizations are looking for a preemptive approach to cloud security. Several

Cloud Security
Blog

This blog was written by Asaf Shahar, VP, Products at Skyhawk Security The UK Information Commissioner’s Office (ICO) recently fined Liverpool-based law firm DDP Law £60,000 following a ransomware attack that exposed highly sensitive criminal case data. The investigation revealed

AICloud BreachData BreachLLMsThreat Detection
Blog

Skyhawk Security is at the collision of two trends within cloud security – for more than a decade it is clear that the cloud is perimeter less, attackers are logging in and not breaking in, and in addition, threat actors

AICloud BreachData BreachLLMsThreat Detection
See the Purple Team
See the breach before it happens
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.