Sweet Security

At Sweet Security, we’re on a mission to revolutionize cloud security: https://hubs.li/Q032SWcT0 In a recent Security Boulevard feature, our Co-founder and CPO, Eyal Fisher shares how we’re harnessing the power of LLMs to transform the landscape of cloud detection and response. Our LLM-powered detection engine goes beyond the ordinary—uncovering zero-day attacks, detecting unknown patterns, and effortlessly managing even the most complex cloud environments. 🔗 Dive into the full story here: https://hubs.li/Q032SWcT0 Michael Vizard #SweetSecurity #LLM #CNAPP #CloudNativeDetectionandResponse #CloudSecurity

Just when we heard Sweet’s detection engine couldn’t get any better… 💥

Cloud security will never look the same. We have big news for you today: https://hubs.li/Q032FbhJ0 We’re thrilled to unveil our groundbreaking LLM-powered cloud detection engine, set to revolutionize cloud detection and response like never before: 💥What Sets It Apart: ✅ Unprecedented Precision: Reduces cloud detection noise to just 0.04%. ✅ Advanced Threat Detection: Identifies "unknown unknowns," such as zero-day attacks and never-before-seen patterns. ✅ Streamlined Incident Response: Delivers intuitive heat maps, actionable incident labels, and clear ownership assignments. ✅ Scalable ADR: Brings clarity to complex cloud environments by correlating attack patterns with extensive application data. The new era of cloud security is here. Learn more here: https://hubs.li/Q032FbhJ0 HackRead Media #SweetSecurity #CNAPP #CloudNativeDetectionandResponse #LLM #CloudSecurity #ThreatDetection

Open-source makes software development faster, more innovative, and downright magical. But… (there’s always a “but,” right?) it also comes with risks—especially in the software supply chain. That’s where Sweet Security’s Package Reputation comes into play! Think of it as a superhero sidekick that: 🕵️ Spots risky third-party packages before they cause trouble 🛡️ Catches vulnerabilities before they’re even published 🚀 Helps you focus on what really matters—keeping your software safe By checking for a variety of risks within each package, such as whether it includes shady URL links, has reached its end-of-life, or has a malicious owner, security teams can feel more confident when utilizing the package. Want to learn more? Check out the blog here: https://hubs.li/Q032wd2J0 #SweetSecurity #OpenSource #CloudNativeDetectionandResponse #CloudSecurity

📢 News! Sweet Security + Illustria = proactive risk management for open-source software! 🚀 We’re excited to announce our collaboration with illustria.io to deliver proactive supply chain risk management for open-source software! This collaboration combines Sweet Security’s runtime insights with Illustria’s advanced risk intelligence, empowering teams to: ✅ Detect vulnerabilities early ✅ Mitigate typo-squatting and dependency confusion ✅ Secure open-source components with confidence Read the full announcement here: https://hubs.li/Q031RDrr0 Idan Wiener #SweetSecurity #Illustria #SupplyChainSecurity #OpenSource #CloudSecurity

When it comes to vulnerabilities, security teams face an overwhelming number to address. The ability to prioritize effectively is necessary and one of the most impactful ways to reduce the noise is by identifying whether a vulnerable package is executed at runtime. According to data from Sweet Security's customers, less than 10% of known vulnerabilities exist in packages that are actually executed, meaning the vast majority of flagged vulnerabilities never even come into play during runtime and pose no real threat. We then take it one step further by providing the most granular runtime visibility - down to the exact executed vulnerable function within the package. This ensures teams only focus on vulnerabilities that actually matter—ones that are actively exploitable in the environment. Listen in as Gil Pinchasian and Sarah Elkaim break down how identifying executed vulnerable functions is key to prioritizing vulnerabilities.

Cloud security teams, your mornings just got easier. Sweet’s Issues Hub prioritizes critical risks like misconfigurations, vulnerabilities, and plaintext secrets, so you can focus on preventing breaches before they happen. Why It’s a Game-Changer: ✅ Pinpoint and prioritize risks ✅ Assign tasks to the right teams ✅ Shift from reactive to proactive security Learn more here: https://hubs.li/Q031hWpl0 #SweetSecurity #CloudNativeDetectionandResponse #Cybersecurity #CloudSecurity

From our Sweet family to yours, happy holidays! Wishing you a season filled with joy, peace, and prosperity. Thank you for being a part of our journey this year, here’s to an even brighter 2025!

Attackers think cross-account attacks are invisible—they should think again. Cross-account role assumptions are increasingly becoming a favored tactic for attackers to move laterally and gain control over cloud environments. To make matters worse, attackers often cover their tracks by deleting activity logs, delaying detection. Sweet Security unifies data from sensors and logs to uncover even the most complex cross-account attacks, ensuring no malicious action goes unnoticed. Read about how we do it: https://hubs.li/Q030vvqH0 #SweetSecurity #UnifiedDetection #CloudNativeDetectionandResponse #CloudSecurity

🎄❄️Just in time for the holidays: CVE-2024-53677 🚨 A new vulnerability in Apache Struts (versions 2.0.0–2.5.33 and 6.0.0–6.3.0.2) is putting web applications at serious risk! Exploited via the FileUploadInterceptor, attackers can perform path traversal and potentially achieve remote code execution, with a CVSS score of 9.5. 🍭 The Sweet Difference: Thanks to Sweet Security's Runtime Vulnerability Management, we’ve analyzed this vulnerability across our customers' cloud environments: 🔎 Only 5% of customers with this vulnerability have it loaded 🔎 Of that, just 3% have it actively executed How Sweet Can Help: Sweet Security provides real-time insights into your cloud workloads and applications, helping you pinpoint and address vulnerabilities before they’re exploited. ✔️ Detect and mitigate vulnerabilities across your cloud-native stack, including apps & workloads ✔️ Get runtime context to focus on what's actively exploitable ✔️ Respond instantly with automated measures to safeguard critical systems Patch your Apache Struts instances to version 6.4.0+ now, and let Sweet Security ensure you stay ahead of emerging threats like CVE-2024-53677. #CloudSecurity #SweetSecurity #CDR #CNAPP #ADR #RuntimeSecurity #Apache #WebApplications