Blog

By now, you’ve probably read Verizon’s 2025 Data Breach Investigations Report (DBIR) (or skimmed the highlights on LinkedIn.) Ransomware attacks are up. Credentials are leaking like a broken pipe. Exploits are targeting your edge devices. You know the drill. But let’s step back. What the DBIR really reveals, beneath the usual stats and graphs, is something much bigger. It exposes a fundamental misalignment in how most organizations think about cloud security.

In a recent webinar, Stav Sitnikov, Chief Product Officer at Stream Security, and Tushar Kothari, Former CEO and Board Member of Attivo Networks, explored how organizations can turn the tables on cyber attackers using Stream Traps—deceptive cloud decoys designed to detect and delay malicious actors.

Cloud traps, deception assets embedded in cloud infrastructure, offer a proactive way to detect, delay, and divert attackers, buying security teams the signals and context they need to respond effectively. Rather than chasing faster MTTR alone, cloud traps focus on slowing the adversary down — turning every interaction into a tactical advantage for defenders.

In the dynamic realm of cloud security, the challenge of maintaining a comprehensive view of your environment can feel like navigating a complex Kabuki play. The illusion of security, created by disconnected security tools, often leads to costly investigations and wasted resources. This is especially true when it comes to understanding the interplay between your cloud infrastructure and your perimeter firewalls.

At Stream.Security, we believe the foundation of robust Cloud Detection and Response (CDR) lies in real-time visibility across your entire multi-cloud environment. That’s why our unique approach starts with an agentless methodology, creating a real-time model of your cloud infrastructure to provide immediate insights into attacks at the network, identity, and application log layers.

The news of Google's acquisition of Wiz has sent ripples through the cloud security landscape. While consolidation can sometimes bring benefits, it also raises a critical question for Wiz customers: What happens when your cloud security becomes inextricably linked with a single cloud platform provider?

Throughout the course of my career in information security, I’ve witnessed a disturbing trend firsthand: the alarming rate of burnout among SOC analysts. It's not just a statistic; it's a real and present danger to our teams and our organizations.

A widely used GitHub Action, tj-actions/changed-files, was compromised sometime before March 14, 2025 with a malicious payload, leading to the exposure of secrets in public repository logs. The incident has been assigned CVE-2025-30066 and is a stark reminder of the growing risks in the software supply chain.

As enterprises accelerate their cloud adoption, traditional security tools struggle to keep pace. The cloud introduces unique attack surfaces, rapid changes in infrastructure, and cloud-specific threats that solutions like SIEM, EDR, and SOAR weren’t designed to handle. This is where Cloud Detection and Response (CDR) comes into play—providing real-time cloud visibility, contextual insights, and guided response to threats across multi-cloud environments.

The momentum behind CDR isn’t just hype—it’s necessity. Cloud threats are evolving in real time, and security teams need tools that can keep up.