MITIGA LABS

Cutting-Edge Cloud Research.
Real-World Cloud Defense.

Welcome to Mitiga Labs, our research and innovation arm built to expose how modern attackers operate in Cloud and SaaS. We break down real campaigns and publish practical guidance tohelp security teams stop cloud attacks from having impact. Our research powers the Zero-Impact Breach Prevention approach at the core of the Mitiga platform.

Explore Our Research

What We Saw in 2025. What Comes Next.

The Cloud Attack Campaigns and Research that Defined a Year.

2025 was the year the threat got smarter. Attackers skipped zero-days and walked in through trusted identities, OAuth links, API chains, and lateral SaaS paths.

Read Full Report

LET THEM COME

What We Saw
in 2025. The Year the Threat Got Smarter

A Threat Intelligence Report from Mitiga Labs

Purposeful Insights on the Cloud Security Frontier

Mitiga Labs is where we tear into the latest Cloud, SaaS, AI, and Identity attacks. Our researchers decode how adversaries operate and turn that knowledge into defense strategies that stop cloud attacks from having impact. Every discovery fuels Mitiga’s Zero-Impact Breach Prevention.

Meet the Team

Latest from the Labs

Explore the latest discoveries, deep dives, and technical how-tos from the Mitiga Labs team. Our research is dedicated to informing defenders and disrupting attackers.

007: License to SKILL P.2 - Slack Compromise Through Claude Code

For years, adversaries have abused corporate email to pull off Business Email Compromise (BEC): phishing employees, working their way into more mailboxes, and eventually reaching the person who can move money or data.

Read More

RESEARCHERS

Idan Cohen

AI Adoption: The Ride So Far

Roei Sherman has been using AI tools and is now more productive at work. But the question that keeps him up isn’t “am I better?” – it’s “am I better enough?” This blog talks about working with AI and the hiccups and learning moments that come with it. We need to request a blog image to accompany this blog, as well as a social image to help us promote the blog.

Read More

RESEARCHERS

Roei Sherman

Inside AWS Login: Exploring a New Phishing Method

In November 2025, AWS introduced AWS Login. Within weeks, we built a fully AWS-hosted phishing kit that abuses it.In this blog, we'll walk through how the feature works under the hood, how we turned it into a reliable phishing primitive, and what you can do to detect and mitigate similar abuse in your own environment.

Read More

RESEARCHERS

Idan Cohen

Strictly Come Detecting

Security teams aren’t short on detections. They’re short on signal within the noise from everyday environments.

Read More

RESEARCHERS

Jed Morley

What Supply Chain Attacks Teach Incident Responders

Supply chain attacks hide behind trusted vendors. Learn how incident responders detect, scope, and contain vendor compromise in cloud and SaaS environments.

Read More

RESEARCHERS

Jed Morley
View More

Research Team

Austin Bollinger

Principal Incident Responder

Ariel Ainhoren

Head of Cloud Security Research

Ucha Gobejishvili

Senior Incident Responder

Roei Sherman

Senior Director | Mitiga Research

Idan Cohen

Cloud Researcher

Jed Morley

Senior Incident Responder

Yael Ben Yair

Cloud Security Researcher

Asad Saffoury

Cloud Security Researcher

Nir Varon

Security analyst

Mitiga Helios AIDR

The next critical capability for Mitiga's Al-native CDR platform is here.
Explore our solution that empowers and automates SecOps, protects AI infrastructure, and defends against AI-sclaed attacks.

Learn More

Featured Videos

Cloud, Identity & SaaS Forensic, Investigation-Not What You Think!

RSA CONFERENCE
Learn More
From Snowflake to Snowstorm: Navigating Breaches and Detections

RSA CONFERENCE
Learn More
Getting Real & Hitting the Fan 2025: Think You See Me? No You Don't!

RSA CONFERENCE
Learn More

Get resilient

Get a demo
Get a Demo

Copyright © Mitiga Security Inc. All rights reserved | Terms of Use | Privacy Policy