Blog

Recent
Cloud Detection & Response

Stream Security Expands Beyond Cloud-Native: Full Hybrid Cloud Visibility with VMware, NSX, and On-Prem Network Support

The cloud security industry has a blind spot , and it's hiding in plain sight. Most cloud detection and response solutions were built for one world: public cloud. AWS, Azure, GCP. Clean APIs, structured logs, well-documented services. But that's not the world many enterprises actually live in. The reality? Your attack surface doesn't stop at your cloud boundary. Workloads run on VMware. Traffic routes through on-prem to cloud, And adversaries know that the seams between environments are where detection falls apart. Today, we're closing that gap. Stream Security now delivers full attack path analysis and runtime threat detection across hybrid cloud environments, starting with VMware (including NSX), on-premises routers, and network infrastructure.
Stav Sitnikov
Stav Sitnikov
Apr 14
3
min
Clear
All posts
AI
Popular
Highlights
CDR
AI SOC

Metadata Injection: The Hidden TTP Attackers Might Use to Fool Your AI Triage & Investigation

Stream’s red-team tests have uncovered a way to manipulate the AI triage process by injecting misleading information into cloud metadata.
Asaf Haski
Asaf Haski
Nov 24, 2025
6
min
Product
Popular
Highlights
CDR

Stream x Microsoft 365: Smarter, SaaS-Aware Threat Detection

Stream now integrates with Microsoft 365 to cover Entra ID, DLP, SharePoint, Teams, Outlook, and OneDrive for unified, SaaS-aware threat detection.Get real-time visibility across identity, chat, files, and mail and detect token abuse, malicious OAuth apps, Teams-based phishing, and abnormal file activity from a single view.
Nov 10, 2025
3
min
AI
Popular
Highlights
AI SOC
CDR
CloudTwin

Faster & Better: Using Data to Make Your AI SOC Shine

AI tools are only as effective as the data they learn from. For the first time, the industry has tools to make this data accessible and meaningful. Let's look at how the industry sees AI SOC agents and how to maximize the use of their data sources.
Maor Idan
Maor Idan
Nov 3, 2025
2
min
Cloud Detection & Response
Popular
Highlights
CDR
CloudTwin
AI SOC

Closing the Gap: How Automated AI Triage Transforms Cloud & SaaS Threat Detection

Stream.Security just launched a new AI Triage feature to assist analysts in addressing the growing volume of alerts in the cloud and SaaS. The AI Triage agent brings human-like intelligence and decision making to SOC analysts. With Stream’s real-time CloudTwin model, the triage digests updated risk-based data that factors in asset criticality, exposure, and blast radius to prioritize alerts that truly matter.
Asaf Haski
Asaf Haski
Oct 22, 2025
7
min
Cloud Detection & Response
Popular
Highlights
Stream Traps
CDR

Canaries: The Force Multiplier for Early Cloud Intrusion Detection

Stream delivers cloud-native detection engines, from rules and anomalies to canaries, as part of our Cloud Detection & Response (CDR) platform.Traditional canaries are siloed, making them hard to scale, hard to manage, and often ignored. Stream takes canaries further by embedding them into the CloudTwin™ fabric.
Stav Sitnikov
Stav Sitnikov
Oct 13, 2025
5
min
Cloud Detection & Response
Popular
Highlights
CDR
Networking

Cloud Identity & Network Segmentation: Shrinking the Breach Blast Radius

When we talk about cloud hardening, encryption, patching, and zero-day detection usually get all the spotlight. But in reality, the single most important factor in reducing breach impact is blast radius reduction. That comes down to two things: identity segmentation and network segmentation.
Stav Sitnikov
Stav Sitnikov
Oct 6, 2025
6
min
Cloud Detection & Response
Popular
Highlights
CDR
AWS
GitHub

CDRGoat Scenario 2: Web Vuln to Full Account Takeover via SSM & IAM

Let’s dive in to our first attack scenario together: CDRGoat Scenario 2. This scenario demonstrates how a simple but popular web application vulnerability, SSRF, can escalate into complete AWS account compromise. We'll walk through a realistic attack chain that leverages common cloud misconfigurations rather than obvious security flaws.
Petr Zuzanov
Petr Zuzanov
Sep 29, 2025
6
min
Cloud Detection & Response
Popular
Highlights
AWS
CDR
Terraform

Getting Started with Stream’s CDRGoat

Get started with Stream's CDRGoat! This post will walk through how to set up your environment, run your first scenario and start gaining value from the detections it generates.
David Moss
David Moss
Sep 19, 2025
5
min
Cloud Detection & Response
Popular
Highlights
AWS
CDR
Terraform

Stream CDRGoat: Real World Attack Simulations for Threat Detection Readiness

Stream's CDRGoat is an open-source project that lets SecOps teams safely validate detections and investigations against realistic cloud attack paths. Each scenario, developed by Stream’s Security Research and Product teams, includes vulnerable infrastructure and walks through a guided live attack to show exactly how adversaries exploit cloud environments in practice.
Petr Zuzanov
Petr Zuzanov
Sep 17, 2025
3
min
Cloud Security
Popular
Highlights
CDR

From SIEM to Stream: Why SIEM is No Longer Enough to Mitigate Modern Threats

Make your existing SIEM work for the cloud with Stream Security’s Cloud Detection & Response platform
Stav Sitnikov
Stav Sitnikov
Sep 9, 2025
5
min

What's new

Blog
Stream Security Expands Beyond Cloud-Native: Full Hybrid Cloud Visibility with VMware, NSX, and On-Prem Network Support
Stav Sitnikov
News
Stream Security Wins “Trailblazing Cloud Detection & Response” Award at the 2025 Top InfoSec Innovator Awards
Stream Team
Upcoming event
Tulsa Oklahoma IT Symposium
All events >