Permiso Alerts Module v1 Launched

We are very excited to announce a major release of our Permiso Alerts Module. This release currently includes dozens of unique cloud detection rules born from the front-line experience of our P0 Labs team and its support of incident response and observed attacks over the last year. P0 Labs will be adding new rules on a continuous basis, based on techniques we are observing in the wild and research into cloud security threats.

This release is the beginning of what we believe will be a revolutionary way to detect malicious activity in the public cloud. Not only will we be adding content to detect a broader set of activities in the environment, but we are also introducing a first-of-its-kind approach to linking the “multiverse” of identities within your environments. Legacy approaches focus on single-event or basic multi-event correlation from your SIEM or cloud-native solutions. Today, Permiso unveils the ability to detect threat actors across credentials and sessions in the environment as they pivot across your infrastructure, no matter where they came from or where they go.

Following attackers across the “multiverse” of each credential and its timeline is complex and time-consuming to reconstruct, especially as they compromise credentials and pivot to create footholds with new credentials in the environment or escalate their privileges. Piecing this together takes hours and days, but we’ve spent the last 2 years studying the adversaries and building the tooling to track them across the multiverse within seconds and minutes while alerting you to this malicious behavior.

We’re offering a free trial of the Permiso platform and a personalized Cloud Compromise Assessment to identify any potential indicators of compromise from our corpus of indicators and detection rules. It takes 10 minutes to onboard to Permiso; then just sit back, relax, and let P0 Labs take care of the rest! Even if you just want to chat with P0 Labs and learn about some of the latest cloud infrastructure attacks, we’re happy to do that too 🙂

Reach out to us if you have any questions about this release or our roadmap.

~Team Permiso ❤️
