Blog

Throughout the course of my career in information security, I’ve witnessed a disturbing trend firsthand: the alarming rate of burnout among SOC analysts. It's not just a statistic; it's a real and present danger to our teams and our organizations.

A widely used GitHub Action, tj-actions/changed-files, was compromised sometime before March 14, 2025 with a malicious payload, leading to the exposure of secrets in public repository logs. The incident has been assigned CVE-2025-30066 and is a stark reminder of the growing risks in the software supply chain.

As enterprises accelerate their cloud adoption, traditional security tools struggle to keep pace. The cloud introduces unique attack surfaces, rapid changes in infrastructure, and cloud-specific threats that solutions like SIEM, EDR, and SOAR weren’t designed to handle. This is where Cloud Detection and Response (CDR) comes into play—providing real-time cloud visibility, contextual insights, and guided response to threats across multi-cloud environments.

The momentum behind CDR isn’t just hype—it’s necessity. Cloud threats are evolving in real time, and security teams need tools that can keep up.

I'm thrilled to announce I've joined Stream as the Field CISO. After years immersed in the security world, including my time at OG&E, where I focused on building and maturing their cloud security infrastructure and processes, I'm excited to take on this new challenge and contribute to a company that's truly at the forefront of Cloud Security.

CSPM was never built for detection and response. It was built for prioritization. Trying to bolt real-time response onto a static, scan-based system doesn’t just fall short—it actively misleads security teams.

Announcing Stream's StreamLine Integration Program

The MITRE ATT&CK framework is a globally recognized knowledge base of adversary tactics and techniques that provides a structured model for cyber threats. In the context of cloud computing (such as Amazon Web Services),ATT&CK is extremely useful for mapping out potential attack paths and strengthening AWS security. By aligning AWS security monitoring and incident response with ATT&CK tactics, security teams gain a common language to describe threats and can ensure coverage for each phase of an attack lifecycle. This helps SOC analysts and cloud security engineers systematically detect malicious behavior and respond effectively, using AWS’s native tools and logdata.

Stream.Security, the leading provider of real-time cloud detection and response solutions, has been recognized as a Cool Vendor in the Gartner® report, “Cool Vendors™ for the Modern Security Operations Center."