2025 Cloud-Native Security and Usage Report: How are enterprises advancing their security?
READ NOW
Customers rate Sysdig top CNAPP in Customers' Choice category within Gartner® VOC report
LEARN MORE
Sysdig Home
×
Platform
Back
Platform
Platform
Sysdig Secure
CNAPP powered by runtime insights
Environments
Integrations
Sysdig Monitor
Powered By
Falco
The core engine providing runtime insights to the Sysdig platform
hidden header
Sysdig Sage™ GenAI
AI cloud security analyst with multi-step reasoning
555 Benchmark
Detect and respond to cloud attacks faster than attackers can complete them
Solutions
Back
Solutions
Real-time Cloud Security
Cloud-Native Application Protection Platform
Unified cloud security to protect your cloud, containers, and workloads
AI Workload Security
Detect, prioritize, and remediate active AI risk
Cloud Detection & Response
Detect, investigate, and respond to threats at cloud speed
From Prevention to Detection & Response
Cloud Workload Protection
Vulnerability Management
Cloud Security Posture Management
Cloud Identity & Entitlement Management
hidden
Container & Kubernetes Security
Server Threat Detection & Response
Infrastructure as Code Security
Cloud Security Requires Runtime Insights
Real-time visibility for detection and response and rich context to prioritize what matters most
Company
Back
Company
Why Sysdig
Our Customers
Hear how our customers secure and accelerate innovation in the cloud
Runtime Insights
Learn how runtime insights powers real-time cloud security
Threat Research Team
Get the latest threat research and security findings
About Sysdig
Who We Are
Leadership Team
Newsroom
Compare Sysdig
Aqua
Crowdstrike
Lacework
Orca
Prisma Cloud
SentinelOne
Wiz
Customer Spotlight
BigCommerce achieves real-time cloud security
Open Source
Back
Open Source
OSS
Sysdig & OSS
The future of security is open
Projects
Falco
Detect threats in real time
Falco Feeds by Sysdig
Enterprise detection rules for Falco users
Stratoshark
Analyze, troubleshoot, and secure cloud environments
hidden
Open Policy Agent
Unify policy enforcement for cloud-native environments
Prometheus
Monitor cloud-native applications and Kubernetes
Why Open Source Matters
Falco’s journey to CNCF graduation
Resources
Back
Resources
Learn
Blog
Get the latest news and insights from cloud security experts
Learn Cloud Native
Learn cloud and container security fundamentals
Content Library
Explore cloud and container security content
Engage
Webinars & Workshops
Events
Contact Us
Get Support
Contact Support
Sysdig Status
Docs
Sysdig Threat Research
Security research focused on the latest cloud-native security threats, vulnerabilities, and attack patterns
Search
Back
Search for:
Search
Best Match
View all search results
Languages
Back
Language
Language Header – Hidden
Deutsch
English
Español
Français
Italiano
日本語
Log In
Back
Log In
Monitor
US-East
US-West
EU-Central
AWS-AP-Sydney
AWS-AP-South
GCP-US-West
Secure
US-East
US-West
EU-Central
AWS-AP-Sydney
AWS-AP-South
GCP-US-West
Log In – 3rd Column Header – HIdden
Support
Get Demo
555 Benchmark
Detect and respond to cloud attacks faster than attackers can complete them
Blog
Miguel Hernández
Miguel Hernández
Threat Research
EMERALDWHALE: 15k Cloud credentials stolen in operation targeting exposed Git config files
Threat Research, Cloud Security
CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools
Blogs by Miguel Hernández
Filter By:
Threat Research
EMERALDWHALE: 15k Cloud credentials stolen in operation targeting exposed Git config files
Miguel Hernández | October 30th, 2024
Threat Research, Cloud Security
CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools
Miguel Hernández | July 11th, 2024
Threat Research
Meet the Research behind our Threat Research Team
Miguel Hernández | April 26th, 2024
Threat Research
SSH-Snake: New Self-Modifying Worm Threatens Networks
Miguel Hernández | February 20th, 2024
Threat Research, Cloud Security, Kubernetes & Container Security
CVE-2023-38545: High Severity cURL Vulnerability Detection
Miguel Hernández | October 12th, 2023
Threat Research, Cloud Security, Kubernetes & Container Security, Open Source
LABRAT: Stealthy Cryptojacking and Proxyjacking Campaign Targeting GitLab
Miguel Hernández | August 17th, 2023
Threat Research, Cloud Security, Kubernetes & Container Security
KeePass CVE-2023-32784: Detection of Processes Memory Dump
Miguel Hernández | June 13th, 2023
Cloud Security, Compliance
Why Companies Still Struggle with Least Privilege in the Cloud
Miguel Hernández | March 14th, 2023
Open Source, Kubernetes & Container Security
ChatGPT as your Falco Consultant
Miguel Hernández | February 24th, 2023
Kubernetes & Container Security
Vulnerability Prioritization – Combating Developer Fatigue
Miguel Hernández | February 14th, 2023
Cloud Security, Compliance, Kubernetes & Container Security, Open Source, Threat Research
Blackhat 2022 recap – Trends and highlights
Miguel Hernández | August 12th, 2022
Kubernetes & Container Security, Monitoring, Open Source
How attackers use exposed Prometheus server to exploit Kubernetes clusters
Miguel Hernández | July 5th, 2022
Back to Blog
