Kennedy

🎊 Introducing: Mitigant Threat Catalog 🎊 Super excited to launch the Mitigant Threat Catalog ▶️ threats.mitigant.io If you've ever stared at a @MITREattack technique & wondered, "What does this actually look like in my @awscloud environment?", this is for you. 🧵👇

Can an attacker take over your AI agent? Probably, and the impact could be nasty. Want to know how - read on 🔻 x.com/run2obtain/sta…

@PaloAltoNtwks @Unit42_Intel Running Bedrock AgentCore in production ? You'd wanna take the necessary steps to harden your infrastructure. 🙌 ⭐ More details in comprehensive analysis ->> unit42.paloaltonetworks.com/exploit-of-aws…

@PaloAltoNtwks @Unit42_Intel ⚙️ Path 3 - Code Interpreter Privilege Escalation: The agent can invoke any Code Interpreter, even in higher-privileged contexts. 🤖 Path 4 - Cross-Agent Invocation: Execution/invocation of any other agent in the account - the impact is left for imagination.

AgentCore provides an agnostic layer for agentic infrastructure management across the major LLM providers. But this agnostic management layer could easily become a source of pain, as recently discovered by @PaloAltoNtwks @Unit42_Intel 🙀

☠️ AgentCore or AgentSore: One Agent to Rule Them All ☠️ What happens when convenience + productivity become accelerators of attacker speed? 👀 That is exactly the scenario demonstrated by the recently discovered security issue in @awscloud Bedrock AgentCore. 👇👇

@MITREattack Why now? 🤔 AI is multiplying the number of findings & vulnerabilities. The reflex answer is patch faster. The right answer is validate first. Turn the noise into the signals that REALLY matter. ⚔️ 👉 More in the release blog: mitigant.io/en/blog/featur…

Numbers that matter: 🔥 85% noise reduction from posture to exploitable findings 🔥 ~5-minute Mean Time to Validate (MTTV) from pentest start to client-ready report 🔥 300+ cloud attacks available for deeper adversarial engagement, mapped to @MITREattack

🎉 Mitigant Cloud Pentest Now Supports Wiz & Prowler 🎉 Excited to announce Mitigant Cloud Pentest now supports @wiz_io and @prowlercloud, driven by strong demand from our customers and partners. What you get: 👇

@MITREattack @awscloud Check out this solid use case ->> validating @awscloud Service Control Policies

🎊 Introducing: Mitigant Threat Catalog 🎊 Super excited to launch the Mitigant Threat Catalog ▶️ threats.mitigant.io If you've ever stared at a @MITREattack technique & wondered, "What does this actually look like in my @awscloud environment?", this is for you. 🧵👇

SCPs are a double-edged sword. Use it well, and you are protected. Make a mistake, and it bites back. 😵 See how to avoid the common mistakes 👇 x.com/run2obtain/sta…

@awscloud @MITREattack How do you validate SCP effectiveness in your @awscloud environments? Leverage the @cyber_mitigant threat catalog! Techniques are described, with the corresponding CLI commands. Easily emulate multi-step attacks - all in one place. 👉 Check it out threats.mitigant.io

@awscloud 💥 Concrete example: Modify Cloud Resource Hierarchy: Leave Organization is an AWS-specific @MITREattack technique in which attackers remove member accounts from AWS Organizations. Two API calls, and a huge chunk of security control eroded. 🙀 -> threats.mitigant.io/techniques/?id…

🛡️ SCP Effectiveness: Don't Fall on Your Sword 🗡️ SCPs are among the most powerful preventive controls in @awscloud. They allow centralized access control across multi-account environments. However, deploying SCPs is one thing. 🥳 Trusting them is another. 🤔