Blog

Stream’s red-team tests have uncovered a way to manipulate the AI triage process by injecting misleading information into cloud metadata.

Stream now integrates with Microsoft 365 to cover Entra ID, DLP, SharePoint, Teams, Outlook, and OneDrive for unified, SaaS-aware threat detection.Get real-time visibility across identity, chat, files, and mail and detect token abuse, malicious OAuth apps, Teams-based phishing, and abnormal file activity from a single view.

AI tools are only as effective as the data they learn from. For the first time, the industry has tools to make this data accessible and meaningful. Let's look at how the industry sees AI SOC agents and how to maximize the use of their data sources.

Stream.Security just launched a new AI Triage feature to assist analysts in addressing the growing volume of alerts in the cloud and SaaS. The AI Triage agent brings human-like intelligence and decision making to SOC analysts. With Stream’s real-time CloudTwin model, the triage digests updated risk-based data that factors in asset criticality, exposure, and blast radius to prioritize alerts that truly matter.

Stream delivers cloud-native detection engines, from rules and anomalies to canaries, as part of our Cloud Detection & Response (CDR) platform.Traditional canaries are siloed, making them hard to scale, hard to manage, and often ignored. Stream takes canaries further by embedding them into the CloudTwin™ fabric.

When we talk about cloud hardening, encryption, patching, and zero-day detection usually get all the spotlight. But in reality, the single most important factor in reducing breach impact is blast radius reduction. That comes down to two things: identity segmentation and network segmentation.

Let’s dive in to our first attack scenario together: CDRGoat Scenario 2. This scenario demonstrates how a simple but popular web application vulnerability, SSRF, can escalate into complete AWS account compromise. We'll walk through a realistic attack chain that leverages common cloud misconfigurations rather than obvious security flaws.

Get started with Stream's CDRGoat! This post will walk through how to set up your environment, run your first scenario and start gaining value from the detections it generates.

Stream's CDRGoat is an open-source project that lets SecOps teams safely validate detections and investigations against realistic cloud attack paths. Each scenario, developed by Stream’s Security Research and Product teams, includes vulnerable infrastructure and walks through a guided live attack to show exactly how adversaries exploit cloud environments in practice.

Make your existing SIEM work for the cloud with Stream Security’s Cloud Detection & Response platform