Lacework Labs
Cloud Threat Report
Lacework Labs details the increasing speed at which attackers discover and exploit access to cloud environments in their most recent Cloud Threat Report, Volume 4.
From exposure to compromise
In the last six months, Lacework Labs has seen a significant increase in efficiencies used by cybercriminals. Identities continue to be a key target for attackers. As an organization’s cloud maturity improves, they generate more operational data resulting in an environment that changes more frequently. It’s this ever-shifting nature where attackers see an opportunity. In this latest report, get insights into some of these main trends in the cloud threat landscape:
- Attackers are automating key discovery and exploits, taking advantage of momentary mistakes.
- Simple mistakes turn into misconfigurations that attackers are using to compromise your cloud identity infrastructure.
- Vulnerabilities continue to stick around for months, even years and attackers quickly exploit new vulnerabilities and continue to do so as long as they exist.
- Cryptojacking continues to be a staple in the cybercriminals’ tool belt.

Get detailed intelligence about ongoing infrastructure compromise activities and best practices for hardening your cloud security posture. Read the Executive Summary or explore the individual report chapters below.

Executive summary

Living off the API

Cloud infrastructure compromise

Adversarial tradecraft in the cloud

Proactive defense & intelligence

Adversaries are focusing on infrastructure
The evolution of cloud threats and defenses
Attackers are compromising cloud accounts and weaponizing new remote code execution vulnerabilities at breakneck speed. Read our latest report to learn the scale and scope of these new tactics and how they affect the cloud landscape. Then attend our webinar for an insider’s look at the tools, knowledge, and insights to help you combat these evolving threats in your cloud environment.
You’ll learn:
- The speed at which attackers compromise cloud accounts and weaponize new remote code execution vulnerabilities
- The increasing scale of attacks post-compromise
- Novel Linux malware techniques and increased compromised activities targeting cloud infrastructure
- How new tools like Cloud-Hunter can enable security teams to easily perform threat hunting across all your data

- Additional Reports and Insights
See us in action
Spot unknowns sooner and continuously watch for signs of compromise. Take us on a test drive to see for yourself.