Skyhawk Security enhances Autonomous Purple Team to secure custom cloud apps

Skyhawk Security expanded its AI-powered Autonomous Purple Team to include custom cloud applications. For the first time, organizations can preemptively and continuously secure custom cloud applications and their cloud infrastructure without agents.

This innovation protects against today’s biggest cloud security issue, one exploited in recent attacks including the MOVEit Transfer breach, the XZ Utils backdoor, a Google Cloud metadata exposure via a web application flaw and Log4j and Log4Shell—thus closing the gap between application security and cloud infrastructure monitoring.

With its latest expansion, the Skyhawk platform will now preemptively analyze and detect application-layer vulnerabilities, evaluate exploit paths across application and infrastructure boundaries and prioritize remediation based on real-time risk context. It will also continuously monitor for threats, including exploits that cross between applications and cloud infrastructure. All without the need for agents and their associated costs and complexity.

“Security for custom cloud applications and the infrastructure they use has traditionally been siloed, with agent-based tools that lacked full context and, worse still, only identified problems after they happened, if at all,” said Chen Burshan, CEO of Skyhawk Security.

“Even given the ‘smoking gun’ IOC when events do happen, SecOps teams struggle to trace attack paths that begin with an application-layer vulnerability, move laterally through cloud infrastructure and re-enter the application stack. By extending our Autonomous Purple Team into the application layer, we are delivering unified, context-aware threat simulation and detection powered by Skyhawk’s AI, data flow analysis and deep analytics — purpose-built for modern, cloud-native environments,” Burshan added.

Skyhawk Security will demonstrate its Autonomous Purple Team for custom cloud applications at booth 5173 in the North Expo Hall at RSAC 2025 Conference, taking place April 28 – May 1, 2025, in San Francisco. Attendees can schedule a private meeting with the Skyhawk team at this link.

The average total number of cloud alerts experienced by organizations increased by 388% in 2024, according to recent research. Skyhawk’s platform supercharges the efficiency and effectiveness of SOCs to address this onslaught by:

• Preemptively identifying potential attack paths using its AI-powered Autonomous Purple Team. It simulates real-world attacks against a company’s unique cloud application and the cloud infrastructure together, as they really operate.
• Application scanning and data flow analysis to identify potential cross-level business logic flaws and coding errors that create exploits.
• Real-time observability of cloud apps and infrastructure to understand how threats are unfolding, right now.
• Providing complete context and interactive CDR. SOCs can immediately identify the root cause of incidents and contact users directly to separate real threats from legitimate activity.
• Pre-positioning responses with full context so that when incidents do happen, SOCs can shut the attacks down in seconds, not days or even weeks.
• Risk scoring of alerts based on exploitability and threats to the company’s crown jewels to prioritize SecOps activity and make it manageable.