Cloud Detection and Response Survey Report

GET THE REPORT
Hamburger
Close Icon
Linkedin
Linkedin

© Permiso Security 2022

|Privacy Policy|Terms

PØ LABS: RESEARCH FROM THE BATTLE FRONT

The threat researchers in PØ Labs watch incidents live, as they occur. Working right on the front lines of cloud threat, we can learn more than anyone else about the latest techniques of adversaries. And we when see something new, we’re very transparent.

see what we’re tweeting
PØ LABS
Ian Ahl

LUCR-3: Scattered Spider Getting SaaS-y in the Cloud

Ian Ahl | 09.20.23

Star featured research
Summary LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages...
Read More
Illustration Cloud
Illustration Cloud

LATEST CLOUD-SHAKING INSIGHTS

Ian Ahl
Research, Featured Research, Featured

LUCR-3: Scattered Spider Getting SaaS-y in the Cloud

Ian Ahl | 09.20.2023

Summary LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing

Read More
Jared Elder
Analysis

Cloud Detection and Response Needs To Break Down Boundaries

Jared Elder | 08.31.2023

For the past several years, the security and engineering community have repeatedly heard the adage that "identity is the new perimeter." While identity has long been a pillar to managing security risks in various environments, it's perhaps never

Read More
Corey Ahl
Research

Intern Showcase: Anonymizing Logs Made Easy with LogLicker

Corey Ahl | 08.17.2023

LogLicker On GitHub: https://github.com/Permiso-io-tools/LogLicker Introduction Logs play a crucial role in monitoring and analyzing system activity, but handling sensitive information within them can be a daunting task. Whether you're sharing

Read More
View more posts
illustration-cloud-bottom-2

CLOUD INCIDENT RESPONSE

cloud Infrastructure Paranoia?

Get a free first consultation with the PØ Labs team, led by former Mandiant incident responders. See how PØ Labs identifies compromised infrastructure and helps you respond.

CLOUD HERO, PLEASE
CLOUD INCIDENT RESPONSE

CLOUD COMPROMISE ASSESSMENT

See Who’s Cloud-Lurking Now

PØ Labs can give you a full rundown of who’s in your environment, what they’ve been doing, and if you should be worried. Best case, there’s nothing to worry about.

ASSESSMENT, PLEASE
CLOUD COMPROMISE ASSESSMENT
Cloud

YOUR FRONT-LINE RESEARCH TEAM

Ian Ahl

Ian Ahl

SVP of Threat Research

20+ years of experience starting in the USMC, 8 Years Mandiant IR and Advanced Practices: tracking, detecting, and responding to nation state threat actors.

My favorite dessert is warm dark chocolate brownies with vanilla ice cream and some chocolate drizzle!

LinkedIn
Daniel Bohannon

Daniel Bohannon

Principal Threat Researcher

UGA B.S. CompSci, Georgia Tech M.S. InfoSec, 13+ years IR & researcher roles including Mandiant Advanced Practices Team & Microsoft, OpenSource tool developer (e.g. Invoke-Obfuscation)

My favorite dessert is a lavender latte - to be enjoyed during or between any meal of the day

LinkedIn
Andrew Kraut

Andrew Kraut

Senior Threat Researcher

25+ years as an InfoSec generalist

My favorite dessert is chocolate marshmallow churro fries (from Award Weiners at Disney’s California Adventure).

LinkedIn
Nathan Eades

Nathan Eades

Senior Threat Researcher

RMU B.S. CIS, RMU M.S. InfoSec, 8+ years in IT with roles in software development, cybersecurity consulting, data loss prevention, threat detection and threat research

I cannot insult the other desserts by choosing one.

LinkedIn
Bleon Proko

Bleon Proko

Threat Researcher

4 years on IT and cyber security working in Telecommunication, MSP, and Bank.

I tend to not eat sweets, but if I had to choose, trilece.

LinkedIn
Ricardo Arancibia

Ricardo Arancibia

Data Scientist

~4 years of experience solving problems using Data Science and building end-to-end ML solutions in a wide variety of industries. Co-founded an official ML Google community with +500 members.

My favorite dessert is any and all combinations of coffee and chocolate. I enjoy coffee in my chocolate and chocolate in my coffee.

Andi Ahmeti

Andi Ahmeti

Security Research Intern

Experienced Computer Engineering senior student with a 6-month internship as a Security Engineer. Passionate about cybersecurity and skilled in software development, hardware design, and system architecture.

My favorite dessert is any and all combinations of coffee and chocolate. I enjoy coffee in my chocolate and chocolate in my coffee.

LinkedIn
Abian Morina

Abian Morina

Security Research Intern

Computer Science and Engineering student specializing in Information Security and Assurance. 1+ year of experience as a Penetration Tester/Bounty Hunter.

My favorite dessert is any and all combinations of coffee and chocolate. I enjoy coffee in my chocolate and chocolate in my coffee.

LinkedIn
Mela Elezaj

Mela Elezaj

Security Research Intern

Business Informatics second year university student. Cybersecurity, research skills and database exploring.

My favorite dessert is any and all combinations of coffee and chocolate. I enjoy coffee in my chocolate and chocolate in my coffee.

LinkedIn