Mitiga at RSAC 2025: Visit our booth, attend speaking sessions, and schedule a meeting with us!

We’re proud to release Investigation Workbench, a first-of-its-kind cyber solution that provides instant clarity on all multi-cloud and Software-as-a-Service (SaaS) activities through a single pane of glass. This innovative capability further enhances Mitiga's IR2 Platform, the industry’s only complete cloud investigation and response automation (CIRA) solution.

At a moment when the Securities and Exchange Commission (SEC) is requiring public U.S. companies to report material cybersecurity incidents within 4 days, enterprises are also facing prevalent, damaging, and sophisticated cloud and SaaS incidents. An advancement like Investigation Workbench is invaluable to ensure enterprises have the capabilities required to respond.

“Incident response readiness is a critical step in achieving cyber resilience,” said Dave Gruber, Principal Analyst, Enterprise Strategy Group. “Our research ranks cloud as the top priority for detection and response, which indicates that many organizations still lack the visibility and data needed to rapidly investigate, understand, and respond to attacks within cloud and SaaS applications and infrastructure. Mitiga is helping organizations close this gap with tools like Investigation Workbench and its IR2 Platform that continuously capture, organize, and query forensics-grade cloud data at scale, augmented further by insights from Mitiga's cloud and SaaS IR experts. Incident response can be a slow arduous process in the cloud, and Mitiga is helping simplify and accelerate it.”

Using Mitiga’s Investigation Workbench, Security Operations Center (SOC) teams can see chains of events across vast cloud and SaaS estates to understand the extent of the activities and impact without possessing deep cloud and SaaS investigation expertise. Determining materiality in a short span becomes not only viable but remarkably simpler, empowering internal Incident Response (IR) and SOC teams in a whole new way. They can now quickly decide which cloud and SaaS incidents they can effectively manage in-house, and which larger incidents demand both disclosure and additional support and expertise to contain.

"Since inception, Mitiga has been dedicated to helping organizations proactively prepare for cloud and SaaS attacks so they can respond immediately and get back to business as usual,” stated Tal Mozes, co-founder and CEO, Mitiga. “We enable a level of resilience for modern enterprises that traditional methods can’t. The majority of the industry is playing catch-up, only now understanding that incident response in the cloud and SaaS requires new capabilities to deliver faster response times, reduced investigation overhead, and continuous breach detection. Investigation Workbench builds off our important industry research, helping companies combat today’s sophisticated threats. Not only does it take the market to a new level by removing complexity for internal IR and SOC teams—enabling them to quickly understand an incident and take immediate action to minimize downtime—but it also furthers our leadership position in this emerging CIRA space.”

Investigation Workbench can be used in any situation where there is a need to investigate cloud or SaaS activities, including a security alert, suspected phishing incident, or unusual user behavior, to understand exactly what happened. For example, if a user has been phished, Investigation Workbench can be used to see what actions the user took after the phishing incident. It provides an automated timeline of activities, allowing security teams to assess whether the user downloaded files, read certain emails, or performed other actions that could indicate a security breach. With Investigation Workbench, organizations can swiftly determine whether an incident is minor and can be managed internally or if it's substantial and necessitates further expert intervention.

“2023 has been a tremendous year for Mitiga,” said Mozes, “and we’re so pleased to end the year with the availability of this innovative solution.”

LAST UPDATED:

May 4, 2024

See cloud and SaaS activities clearly. Learn more about Investigation Workbench.

Don't miss these stories:

Make Cloud Attacks Yesterday’s Problem with Mitiga at RSA Conference 2025

Visit Mitiga at booth number N-4618 at RSA Conference 2025 to learn about cloud detection and response.

Uncovering Hidden Threats: Hunting Non-Human Identities in GitHub

In the last few days, two compromised GitHub Actions are actively leaking credentials, and a large-scale OAuth phishing campaign is exploiting developer trust.

Can vulnerabilities in on-prem resources reach my cloud environment?

What risk does this Zoho password manager vulnerability present, and could this on-prem vulnerability impact cloud environments as well?

Log4Shell - identify vulnerable external-facing workloads in AWS

Cloud-based systems should be thoroughly searched for the new Log4j vulnerability (CVE-2021-44228). But this is a daunting task, since you need to search each and every compute instance, from the biggest EC2 instance to the smallest Lambda function. This is where Mitiga can help.

How Transit Gateway VPC Flow Logs Help Incident & Response Readiness

In this blog, we will focus on the security and forensic aspects of Transit Gateway VPC flow logs and expand the way they can be used by organizations to respond to cloud incidents.

Uber Cybersecurity Incident: Which Logs Do IR Teams Need to Focus On?

On September the 16th, Uber announced they experienced a major breach in their organization in which malicious actor was able to log in and take over multiple services and internal tools used at Uber. What are some of the logs that IR teams should be focusing on in their investigation?