The Cado team has introduced several updates to enhance the efficiency of cloud investigations. Key enhancements include multi-select import options, seamless integration of Cloudgrep for efficient log searching, vulnerability scanning for Linux resources, and improved role-based access controls. These updates aim to streamline security operations and provide better insights during investigations.
Affected: Cado platform, cloud storage environments, security operations
Keypoints :
- New multi-select import feature for resources across multiple projects.
- Integration of Cloudgrep to allow targeted searches in cloud storage logs.
- Faster investigation workflows through improved search and filtering options.
- Introduction of certificate-based authentication for Azure environments.
- Vulnerability scanning added to the investigation pipeline for Linux resources.
- Role-based access control improvements with five distinct roles for better permission management.
MITRE Techniques :
- TA0001 – Initial Access: Users can utilize certificate-based authentication to access Azure environments.
- TA0007 – Discovery: The integration of Cloudgrep enhances discovery through targeted searches in cloud storage.
- TA0009 – Collection: Multi-select import and improved filtering assist in the collection of pertinent logs.
- TA0040 – Impact: Full-disk vulnerability scanning provides insights into vulnerabilities within acquired evidence, impacting the risk assessment.
Indicator of Compromise :
Full Story: https://www.cadosecurity.com/blog/whats-new-in-the-cado-platform-q4-24/25