Permiso Security
@permisosecurity
Followers
989
Following
381
Media
55
Statuses
222
Detection for all of your clouds - identity providers, Iaas, Saas, Paas and more.
Joined November 2021
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
ارسنال
• 499116 Tweets
بورنموث
• 482638 Tweets
Arsenal
• 136358 Tweets
Manchester United
• 66725 Tweets
Brentford
• 58163 Tweets
Liverpool
• 57301 Tweets
Saka
• 56766 Tweets
Ten Hag
• 40552 Tweets
Bournemouth
• 37014 Tweets
Saliba
• 36774 Tweets
Garnacho
• 36643 Tweets
#ANTvGS
• 28004 Tweets
Rashford
• 27597 Tweets
Oklahoma
• 27032 Tweets
De Ligt
• 23284 Tweets
Newcastle
• 22784 Tweets
Indiana
• 22663 Tweets
Hojlund
• 18983 Tweets
Sterling
• 17947 Tweets
Osimhen
• 16906 Tweets
Raya
• 16319 Tweets
Nebraska
• 15861 Tweets
Arteta
• 14731 Tweets
Merino
• 12031 Tweets
Trossard
• 11787 Tweets
#BOUARS
• 10976 Tweets
Martinelli
• 10745 Tweets
We're excited to announce the launch of CloudGrappler, an open-source tool designed to help security teams detect threat actors like LUCR-3 (Scattered Spider) in their cloud environment.
1
40
106
We are kicking off a series of blog posts that will walk through some of MITRE's ATT&CK Matrix, diving deep into cloud-based techniques. In our first post in this series, we will cover Cloud Administration Command
1
19
56
We are thrilled to announce our $18.5M Series A funding led by Altimeter Capital in order to accelerate the development of our cloud detection and response (CDR) solution for all clouds that extends coverage into identity threat detection and response.
1
10
33
We're excited to announce the launch of Cloud Console Cartographer, our latest open-source tool that helps security teams easily make sense of the noisy events generated in logs by activity conducted in AWS console!
1
6
24
In their recent blog article on defending against
#ScatteredSpider
,
@SANSInstitute
references threat research from
@TekDefense
and the
@P0Labs
team. We're honored to be included of
@CrowdStrike
,
@Mandiant
,
@CISACyber
,
@Microsoft
,
@twilio
and
@Cloudflare
.
0
6
21
We're back with our second post on MITRE's ATT&CK Matrix, this time covering defense evasion strategies. This two part series will cover Modify Cloud Compute Infrastructure!
0
6
18
We're happy to announce we have open sourced LogLicker! The process of finding and replacing sensitive data in logs is time-consuming and error prone. LogLicker replaces sensitive log information with randomized placeholders.
0
12
19
Have you checked out
#CloudGrappler
yet? It's an open-source tool that detects activity related to well-known threat actors in
#AWS
and
#Azure
environments.
0
8
18
A few weeks ago we tackled another technique our
@MITREattack
matrix blog series. This time we dig into the
#NHI
side and dive deep on how adversaries steal application tokens.
0
3
18
We are excited to announce the launch of Cloud Tales - a limited series that shares the stories and journeys of industry cloud heroes each month. Our first guest will be none other than
@chanjbs
! Join us next Thursday!
0
5
16
We're excited to release YetiHunter - an open source tool that helps teams detect and hunt for suspicious activity in
#Snowflake
. Built by
@TekDefense
and
@gl4ssesbo1
!
🚨 Introducing YetiHunter! 🚨 After assisting clients with
#Snowflake
investigations, the
@permisosecurity
team created a utility that queries known indicators from recent attacks on Snowflake customers. 🔍
🔗 Tool & blog link in the comments!
1
8
22
0
10
16
Little less than two weeks until
@fwdcloudsec
!
@purely_secure
will be help security professionals shed light on the nuances of Azure Monitor Activity Logs in his session entitled Illuminating Azure: Navigating Log Complexities with A Novel Key.
0
4
15
In case you missed it, a few weeks ago we kicked off a blog series that covers the
@MITREattack
matrix. Our first post covered Cloud Administration Command and our next two posts will cover defense evasion strategies. Stay tuned!
0
6
16
If you find yourself struggling to interpret
#Azure
Monitor Activity Logs,
@Security_Nate
's latest blog post serves as a valuable reference guide to help demystify Azure's logging complexity.
0
7
15
Big thanks to
@merav_br
and
@AmitaiCo
at
@wiz_io
for referencing our research on
#AndroxGh0st
and our open-source tool
#CloudGrappler
in their recent blog article!
0
5
14
We are excited to announce the launch of Azure Activity Log Axe, an open-source tool to simplify and improve the analysis of Azure activity logs!
@purely_secure
recently shared this tool at
@BlueTeamCon
and
@fwdcloudsec
over the last few months and it has been helping security
0
6
13
We're back on the road for another set of great conferences and events over the next few months.
Up first is the
@SANSInstitute
DFIR Summit in Salt Lake City Utah!
@AbianMorina
will be presenting his talk "Cloud Kleptos: Lessons Learned from Responding to Scattered Spider," on
0
4
13
We're back with another blog post in our series on the
@MITREattack
Matrix! This time we're covering 'Steal Application Access Token.'
We highlight some real-world applications, walk through adversary TTPs, as well as provide some detection and mitigation strategies for this
1
3
13
We're teaming up with KPMG for a threat briefing on LUCR-3(
#ScatteredSpider
). Join
@dlabos
and
@TekDefense
as they walk through the TTPs of this threat actor group in both cloud and on-prem environments and get tips on how to defend against their attacks
1
6
13
@danielhbohannon
and
@SecEagleAnd1
will be speaking at this year's Black Hat Asia to discuss Cloud Console Cartographer - a tool they've been working on for the last year.
#BHAsia
Excited to announce that
@SecEagleAnd1
& I were accepted to speak
@BlackHatEvents
#BHAsia
this April in Singapore! We'll release "Cloud Console Cartographer" - our open source tool giving defenders much-needed clarity when hunting thru cloud console logs.
1
6
31
0
5
11
We're excited to offer complimentary threat briefings on Scattered Spider. We'll share TTPs and other intel we've gathered about this group with the security community in order to help teams better defend against advanced threat actors in the cloud.
0
7
11
Permiso is proud to have a few speakers at
@BlackHatEvents
and
@defcon
this year!
First up for Blackhat:
@danielhbohannon
will be taking the stage along with
@sabi_elezi
in their session entitled "MaLDAPtive: Diving Deep Into LDAP Obfuscation, Deobfuscation & Detection." Check
0
4
11
Heading to
@defcon
next week?
@danielhbohannon
will be presenting on the main stage, "(|(MaLDAPtive:¯\_(LDAP)_/¯=ObFUsc8t10n) (De-Obfuscation &:=De*te)(!c=tion)."
DBO will dive deep into LDAP obfuscation, de-obfuscation & detection!He will be presenting Sunday at 11:00 in LVCC
0
2
11
Permiso’s Threat Research Internship program continues to be a valuable model for our growing
@P0Labs
team.
Please help us welcome our most recently-graduated intern/newest full-time Associate Threat Researcher:
@EnisaHoxhaxhiku
!
0
3
11
We're incredibly honored to be named a finalist for the SC Awards in two categories - most promising early stage startup and best threat detection technology!
We are thrilled to be listed among some other great security companies in both categories.
0
6
11
Our team at
@permisosecurity
has invested heavily in our security research interns this summer & we couldn't be happier with what they've achieved.
Please help us welcome our two recently-graduated interns/newest full-time Associate Threat Researchers: Andi Ahmeti & Abian Morina
1
3
9
Thanks to
@kevtownsend
for mentioning our Universal Identity Graph in his recent article on MFA in
@SecurityWeek
:
"Attackers are always innovating. Defenders must do the same. An example in this approach is the Permiso Universal Identity Graph announced on September 19, 2024.
0
5
10
If you're at
@sansforensics
#DFIRSummit
, be sure to check out Abian Morina's session titled "Cloud Kleptos: Lessons Learned from Responding to Scattered Spider." He'll be taking the stage tomorrow, August 23rd at 10:20AM MT!
0
5
10
@TekDefense
takes the stage in about an hour at
@fwdcloudsec
! He'll be talking about some of the lesser known TTPs
#ScatteredSpider
and will be incorporating some fun activities to get the audience involved. Check it out!
0
2
10
We've made some updates to
#CloudConsoleCartographer
!
@SecEagleAnd1
and
@danielhbohannon
have added full unit tests to the project to make it easier for the community to contribute new mappings!
Check it out:
0
5
10
In case you missed it, we launched
#YetiHunter
yesterday! YetiHunter is an open-source tool that helps security teams detect and hunt for suspicious activity in their
#Snowflake
environments.
Thanks to
@ZeljkaZorz
at
@helpnetsecurity
for covering it!
YetiHunter: Open-source threat hunting tool for Snowflake environments - -
@permisosecurity
@TekDefense
#Snowflake
#ThreatDetection
#ThreatHunting
#OpenSource
#CloudSecurity
#CybersecurityNews
#InfosecNews
#ITsec
0
4
4
0
4
9
We're excited to announce we have extended our detection capabilities to include monitoring of
@github
and
@Atlassian
's suite of products including Confluence and Jira.
These new integrations help security teams detect suspicious and malicious activity in their organization's
0
4
11
Part two of our blog posts on Modify Cloud Compute Infrastructure is live! The second half of this two part series covers detections and mitigations for this defense evasion strategy.
0
4
9
Permiso’s Threat Research team continues to grow with more talented security engineers and researchers joining our
@P0Labs
team! Please help us welcome our newest full-time Associate Threat Researcher: Dredhza Braina!
0
4
7
Permiso’s Threat Research team continues to grow with more talented security engineers and researchers joining our
@P0Labs
team! Please help us welcome our newest full-time Associate Threat Researcher: Art Ukshini!
2
2
8
In case you missed it, we're teaming up with KPMG to host a LUCR-3 (
#ScatteredSpider
) Threat Briefing.
@dlabos
and
@TekDefense
will provide tips on how to detect this group in your environment and provide tips on how to defend against them.
0
6
9
In case you missed it - last week, we released research and collaborated with Brian Krebs to surface how threat actors are leveraging non-human identities to compromise AI infrastructure. In short, LLMjacking to power unfiltered sexual roleplaying AI chatbot services.
There
0
3
10
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
0
4
9
Why Identity Providers Aren't Enough to Secure Identities in the cloud
0
4
7
We are excited to announce the launch of Permiso's Universal Identity Graph to provide identity security risk visibility for human and non-human identities across all environments.
You can learn more about our Universal Identity Graph in our recent blog post:
0
3
8
Our second speaker at fwd:cloudsec will be none other than our head of P0 Labs,
@TekDefense
! He will be talking about some of the lesser known TTPs of LUCR-3(
#ScatteredSpider
) in cloud, identity, and SaaS environments.
0
3
8
Permiso’s Threat Research Internship program continues to be a valuable model for our growing
@P0labs
team. Please help us welcome our most recently-graduated intern/newest full-time Associate Threat Researcher:
@ArmelaElezi
!
0
2
8
If you missed
@TekDefense
at fwd:cloudsec, check out his talk on LUCR-3 (
#ScatteredSpider
) while also engaging the audience through a good old fashioned game of bingo.
Had the opportunity to talk at my fave conference
@fwdcloudsec
last week, about one of my favorite topics; How LUCR-3 (
#ScatteredSpider
) operates in
#cloud
,
#saas
, and
#identity
. Watch the talk to learn about their
#TTPs
!
2
5
23
1
2
8
We’re excited to announce that Permiso Security will be sponsoring mWise in Denver next week! Come visit us at Booth
#526
in the Expo Hall on Sept 18-19 to chat about all things Identity Threat Detection and Response. See you there!
0
2
8
Our second speaker at
@BlueTeamCon
next week will be
@AbianMorina
! Abian's talk, "Cloud Kleptos: Lessons Learned Responding to
#ScatteredSpider
" will be on Saturday, September 7th at 2pm.
0
5
8
We are LIVE at
#HISAC
! If you are the event be sure to stop by booth 35 and say hi to Danielle M. Gagnon and Andrew Kraut and learn how Permiso is detecting identity-based attacks for some of the largest cloud environments!
0
2
8
Today is the day! Join
@dlabos
and
@TekDefense
today at 1pm ET for an in-depth threat briefing on
#ScatteredSpider
.
0
4
8
Big thanks to
@BillyHurls
for featuring
#YetiHunter
in his recent article in
@ITBrew
!
"We really want to take all this institutional knowledge we’ve had from responding to a lot of these attacks, and put it in a tool where people can do this easily without having to hop on a
0
3
8
In our most recent episode of Cloud Tales,
@__muscles
talks with
@jlm_sec
and
@paulsnguyening
about his role as VP of Security Engineering at HashiCorp, and how the experience he gained at Netflix helped his career development.
0
3
6
Heading to
@fwdcloudsec
in a few weeks? Check out
@Security_Nate
's session as he talks about how the loose nature of AWS’s naming conventions allows for inputs that can negatively affect detection capabilities and potentially obscure an attack.
0
1
7
Join us this Thursday for our first episode of Cloud Tales!
Our first guest will be
@chanjbs
. Join us Thursday at 1pm ET to hear some stories of his career progression, his time at Netflix and more.
0
2
6
We are LIVE at
@mWISEConference
! Stop by booth 526 and visit
@paulsnguyening
,
@PermisoRandall
,
@gl4ssesbo1
and team to learn how Permiso covers your *aaS in the cloud to defend against identity-based attacks.
0
2
6
We are excited to have Rich Friedberg join us as our guest for the third episode of Cloud Tales! Rich has spent the last few years as CISO of Live Oak Bank, and his experience includes time at Capital One and Blackbaud.
For the last nine years, Rich has served as an adjunct
0
2
6
We appreciate
@phillmoore
mentioning our research on the recent Okta credential stuffing campaign in the latest issue of This Week in 4n6.
If you haven't yet checked out this newsletter, it's one to add to your reading list!
0
2
6
Two Permiso research articles on the recent issue of CloudSecList!
1️⃣ Ian Ahl's: Deja Vu or New View: Latest Okta Credential Stuffing Campaign
2️⃣ Unmasking Adversary Cloud Defense Evasion Strategies: Modify Cloud Compute Infrastructure Part 1
0
6
7
@gl4ssesbo1
is hitting the stage at
@BlackHatEvents
on Wednesday! Check out his session, "Nebula - 3 years of kicking butts and taking usernames" on Wednesday from 4:25pm-5:35pm. His session will be in the Business Hall - Arsenal Station 7!
0
5
7
Interested in going to Mandiant mWise in Denver on Sept 18-19? We’ve got discounted full conference, free Expo+ and digital-only passes to share with the community. Drop a comment if you’re interested or message
@PermisoRandall
0
3
6
This month’s last addition to the Permiso Threat Research team involves refilling our talent pipeline with another talented senior university student. Please help us welcome our newest Threat Research Intern: Ela Dogjani!
1
1
6
Thanks for covering
#YetiHunter
in tl;dr sec
@clintgibler
! We appreciate you sharing it with the security community.
📚 tl;dr sec 236
🧑💼 Interview Qs
@PentesterLab
,
@JulieASparks
❄️ Securing your Snowflake
@Mandiant
@SpecterOps
@jaredcatkinson
@gl4ssesbo1
🤖 Agentic LLM vuln scanner
😈 Malicious VS Code extensions
@amitassaraf
🍎 Apple AI announcements
@trailofbits
1
6
17
0
1
6
In a little more than two weeks,
@HashiCorp
's VP of Security Engineering
@__muscles
will be joining us for the next episode of Cloud Tales!
Sign up today!
0
1
6
Thanks to
@ITOpsTimes
for making
#CloudConsoleCartographer
the Open-Source Project of the Week!
0
0
6
Excited to announce our launch with a fantastic group of investors and advisors!
@p72vc
@FoundationCap
@rain_capital
@112capital
@Work_Bench
@chanjbs
@csima
@txs
and many more!
0
2
5
Thanks to the team at
@datadoghq
for citing our research on GUI-vil in their product docs on AWS IAM activity by S3 browser utility.
0
0
6
Permiso's threat research internship program has attracted top security talent, enabling our senior research team to mentor and collaborate on innovative projects with them. Our latest intern has excelled, merging engineering and data architecture skills with expertise in cloud
0
2
6
In our most recent episode of Cloud Tales,
@__muscles
talks to
@paulsnguyening
about some of the projects he is most proud of in his career, including detecting credential compromise of EC2 during his time at Netflix, as well as sharing the stage with
@travismcpeak
at re:Invent
0
3
4
In our latest episode of Cloud Tales,
@__muscles
talks to
@paulsnguyening
and
@jlm_sec
about how
@netflix
's security maturity made working there so special.
0
2
5
If you're attending the
@SANSInstitute
Fall Cyber Solutions Fest 2024,
@TekDefense
will be speaking in the Detection and Response track! Ian will be walking through how threat actors compromise both human and non-human identities to conduct attacks that span across both cloud and
0
1
5
With the increase in breaches resulting from compromised identity providers, we're kicking off a two-part blog series on why identity providers aren't enough to secure identities in the cloud
0
4
5
We appreciate
@helpnetsecurity
listing
#YetiHunter
on their list of open-source cybersecurity tools
33 open-source cybersecurity solutions you didn’t know you needed - -
@authentikio
@bunkerity
@NSAGov
@matte_lodi
@JPS_CTI
@ThePGriffiths
@NeilC_Portainer
@radareorg
@StamusN
@JayGohil_
@mrexodia
@permisosecurity
#OpenSource
#Software
#CyberSecurityNews
2
4
9
0
1
5
We're excited to be joined by
@__muscles
, VP of Security Engineering and Operations at
@HashiCorp
next Thursday. We had a blast with
@chanjbs
and look forward to talking to Will about all things security and identity in the cloud.
0
1
5
Permiso's VP of Threat Research, Ian Ahl (
@TekDefense
) talks about the latest cloud security attacks with LemonDuck!
Cryptomining botnet targeting Docker on Linux systems via
@csoonline
0
3
5
We at
@permisosecurity
are excited to announce our newest Threat Research Intern, Enisa Hoxhaxhiku - !
She joins us from
#Kosovo
🇽🇰 having just completed her undergraduate degree in Computer Science & Engineering from
@UBTEducation
.
Mirëseerdhët/Welcome!
0
1
5
The Permiso Team is at secureCISO Dallas today with
@cxosync
discussing securing your cloud environments and the importance of identity security.
0
1
5
We're back on the road over the next few months, speaking and exhibiting at some great conferences!
09.21:
@SFISSA
10.19:
@BSidesNYC
10.23:
@BlackHatEvents
SecTor
10.28:
@SANSInstitute
HackFest Hollywood
11.07:
@SANSInstitute
Fall Cyber Solutions Fest
12.12:
@BlackHatEvents
1
2
5
Our own P0 Labs unveiling a new impersonation technique in Okta.
.
@permisosecurity
researchers reported discovering an impersonation technique in .
@okta
elevated rights as an impersonated user in another application or environment such as .
@Azure
, .
@googlecloud
or .
@awscloud
#cybersecurity
#cloudsecurity
#infosec
0
7
7
0
4
5
If you weren't able to make fwd:cloudsec this year, you can check out
@purely_secure
's session on navigating log complexities in
#Azure
on youtube.
0
2
5
As Permiso continues to accelerate our product development, we are excited to welcome Ardit Zubaku to our engineering team!
Please join us in welcoming Ardit to the team!
0
1
5
As Permiso continues to accelerate our product development, we are excited to welcome Zana Guda to our engineering team!
Zana enjoys working end-to-end and has an interest in data visualization and interaction!
0
2
5
As Permiso continues to grow our marketing team, we are excited to welcome Madaline Finfrock Wahler as our Sr. Manager of Demand Generation!
Maddy's experience includes fast growing startups like Randori and Split, where she helped lead demand generation and field marketing
0
2
5
We are LIVE at
#Identiverse
! Swing by booth 2325 to learn more about how Permiso is detecting identity-based attacks across the cloud's attack surface!
0
1
4
Permiso further enhances our Threat Research team by welcoming
@isufdeliu
as Threat Research Manager.
Isuf earned his MS degree in Information Security from the Norwegian University of Science and Technology (NTNU) and brings over 8 years of experience.
Please join us in
1
1
5
As Permiso continues to grow our product development team, we are excited to welcome Melisa Alaj to our engineering team!
Please join us in welcoming Melisa to the team!
0
1
4
Thanks to
@roblemos
at
@DarkReading
for covering Cloud Console Cartographer in his recent article!
0
2
5
📖 CloudSecList Issue 234 just got released, w/ content from
@plerionhq
@OrcaSec
@datadoghq
@withsecure
@permisosecurity
and more!
0
2
7
0
1
5
Just a few days away from
#fwdcloudsec
and we're getting excited!
@purely_secure
and
@TekDefense
will be speaking on Monday and Tuesday, respectively.
Also, be sure to join us Monday for Pinball, Pool and Pints with Permiso at
@Carpoolbar
!
0
0
5
We're back with another blog post in our series covering techniques in the MITRE ATT&CK Matrix! This time we're tackling Credential Access - Secrets from Password Stores.
0
1
4
We are LIVE at
@fwdcloudsec
!
✅ Permiso cover your *aaS t-shirts
✅ Permiso Survivors, our video game, is back!
✅ Pinball, Pool and Pints with Permiso tonight at 8pm at Carpool.
@purely_secure
hits the stage today at 4:20pm.
Let's go!
0
1
4
Big thanks to
@BushidoToken
for referencing our research on
#ScatteredSpider
in this article on the
@SANSInstitute
blog!
0
0
4
In our recent episode of Cloud Tales, Rich Friedberg talks about what it was like being the CISO at Blackbaud during their breach in 2020.
0
2
4
Thank you for highlighting
#YetiHunter
,
@clintgibler
!
🔎 YetiHunter: An open-source tool to detect and hunt for suspicious activity in Snowflake
Leverages indicators from Snowflake, Mandiant, Datadog, and Permiso
Includes queries to identify unauthorized access, data exfiltration + more
By
@gl4ssesbo1
1
35
99
0
1
3
We are excited to have
@__muscles
, VP of Security Engineering and Operations at HashiCorp, join us for our second episode of Cloud Tales!
0
2
4