Explore more publications!
Georgian Industry Reporter
Got News to Share?

Skyhawk Security Ties AI Red Team Cloud Attack Scenarios to Known Threat Actor Tradecraft

New capability helps security teams prioritize exposures and simulated AI red team attack scenarios based on threat Intelligence

SAN FRANCISCO, March 24, 2026 (GLOBE NEWSWIRE) -- RSA CONFERENCE -- Skyhawk Security, the leader in Purple Team-powered cloud security, has added Threat Actor Context to its award-winning platform. The enhancement adds real-world adversary insights to cloud attack scenarios created with Skyhawk’s AI Red Team, mapping them to known threat actors, major campaigns and affiliated CVEs.

“Security teams have plenty of data, telemetry and alerts. What they’re usually lacking is the context to transform that data into security insights and pinpoint why simulated attack scenarios matter to their business based on activity seen in the wild,” said Chen Burshan, CEO of Skyhawk Security. “We’re helping them view scenarios through the lens of known attacker behavior to better assess exposure and improve prioritization.”

The new capability looks beyond TTPS. Threat Actor Context enriches Skyhawk’s platform by adding curated threat intelligence to attack scenarios, incorporating signals such as targeted industries, geographies and malicious campaign methods. It was designed as a contextual enrichment capability using Skyhawk’s attribution engine. This adds value for customers by showing them what their attack scenario resembles and why it deserves attention in their business’s specific context.

At launch, Threat Actor Context connects scenarios to threat intelligence-based adversary behaviors such as:

  • Scattered Spider - patterns tied to identity-driven intrusions and high-profile attacks like MGM Resorts and Caesars Entertainment
  • APT29 - tradecraft linked to NOBELIUM and TeamCity-related cloud intrusion activity
  • APT44 / Sandworm - patterns associated with disruptive operations and campaigns like BadPilot
  • TraderTraitor - techniques tied to the JumpCloud compromise and the Bybit theft
  • APT41 - behavior associated with operations such as Operation CuckooBees and broader public sector targeting

Skyhawk will showcase Threat Actor Context at booth 358 in the South Expo Hall during RSA Conference, taking place March 23- 26, 2026, in San Francisco. Attendees can schedule a private meeting with the Skyhawk team using this link.

About Skyhawk Security

Skyhawk Security is the leader in AI Based Purple Team-Powered Cloud Security, leveraging a multi-layer AI-based approach to identify and preemptively stop cloud threats before they become breaches. Skyhawk revolutionizes cloud security with its Continuous Proactive Protection, an AI-powered Autonomous Purple Team, enabling security teams to take a proactive approach to cloud security for the very first time. Led by a team of cybersecurity and cloud professionals who built the original CSPM category, Skyhawk’s platform evolves cloud security posture management far beyond scanning and static configuration analysis, continuously adapting and improving threat detection so that it is always aligned with the cloud architecture. Skyhawk Security is a spin-off of Radware® (NASDAQ:RDWR). For continuous updates, follow Skyhawk on LinkedIn.

Media Contact:
Sherlyn Rijos-Altman
srijos@montner.com
Montner Tech PR


Primary Logo

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Share us

on your social networks:
Facebook Facebook LinkedIn LinkedIn
AGPs

Get the latest news on this topic.

SIGN UP FOR FREE TODAY

No Thanks

By signing to this email alert, you
agree to our Terms & Conditions