

P0 Labs: Helping stay ahead of cloud adversaries

As organizations continue to accelerate the shift to cloud, adversaries are following. Over the past ten (10) years I have had the opportunity to lead some of the largest and most impactful public and private Incident Response (IR) engagements at Mandiant. In recent times, it is hard to come across an investigation that does not contain at least some cloud component, and many take place only in the cloud.

Unfortunately for most organizations, expertise and tooling around cloud security have not advanced at the same rate as cloud adoption. Additionally, cloud environments are becoming increasingly complex. At Permiso, we aim to narrow the gap by providing Identity-focused Cloud Detection and Response.

For P0 Labs, we have compiled a team of industry-leading experts in IR and Red Teaming. With our combined experience, the focus will be to convert our front-line IR knowledge into runtime detection on the Permiso platform, identify intrusions in client environments, and stay ahead of adversaries attacking the cloud.

We are passionate about finding evil in the cloud and teaching others how to do so as well. Keep an eye on our blog for articles related to what we are observing and researching!

Thank you,

Ian Ahl

VP of P0 Labs
