Sysdig Threat Research

Discovering the latest attacks and providing defensive measures to keep organizations safe

LATEST CVE NEWS

Detect and remediate RCE exploits in CUPS vulnerabilities

Detect Leaky Vessels exploitation in Docker and Kubernetes

Detect SSH-Snake, a self-modifying worm

Featured novel threats

Research at Sysdig is rooted in two core disciplines — security research and threat detection and response — to identify and stop the most critical and novel cloud-native threats in their tracks.

Stolen cloud credentials were used to target 10 cloud-hosted LLMs

Inside the operations of a rising threat actor exploiting OSS tools

A detailed analysis of a sophisticated botnet group operating unnoticed for 10 years

How an operation leveraged Terraform, Kubernetes, and AWS to steal data

The latest threat research

Showing 9 of 99

Threat Research

EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files

Threat Research

CSI Forensics: Unraveling Kubernetes Crime Scenes

Threat Research, Cloud Security

Sysdig 2024 Global Threat Report

Threat Research

AWS Launches Improvements for Key Quarantine Policy

Threat Research

Detecting and Mitigating Remote Code Execution Exploits in CUPS

LLMjacking

Cloud Security, Threat Research

The Growing Dangers of LLMjacking: Evolving Tactics and Evading Sanctions

Threat Research, Cloud Security

Sysdig Threat Research Team – Black Hat 2024

Threat Research, Cloud Security

CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools

Threat Research, Cloud Security

DDoS-as-a-Service: The Rebirth Botnet

1 2 3 … 11

About the team

The Sysdig Threat Research Team (TRT) are highly skilled security experts dispersed across the globe, with experience in governmental, commercial, and academic arenas. Their expertise includes offensive and defensive security operations, computer network operations, malware analysis, and beyond.

The team is well-known for introducing the 10-minute timeframe for cloud attacks, setting the 555 Benchmark for Cloud Threat Detection and Response, and uncovering novel threats like SCARLETEEL.

The industry’s most elite threat researchers
The Sysdig Threat Research Team specializes in the discovery and mitigation of the most novel cloud and container attacks.

15

+

Novel threats discovered since 2022

500

+

Detection rules created

75

+

Reports published on vulns, detections, and mitigation techniques

Threat Research Reports

2023 Global Cloud Threat Report

2023 Global Cloud Threat Report

2022 Cloud Native Threat Report

2022 Cloud-Native Threat Report

Cloud-Native Usage Reports

Sysdig 2024 Cloud-Native Security and Usage Report

Sysdig 2024 Cloud-Native Security and Usage Report

sysdig-2023-usage-report-meta-social-image

2023 Cloud Native Security and Usage Report

2022 Cloud-Native Security and Usage Report

2022 Cloud-Native Security and Usage Report