Security teams are drowning in cloud alerts, digging through logs, and chasing context manually. It’s a grind - and it doesn’t scale. Stream fixes that!
This is the second major supply chain attack in a week. Our Threat Research Team breaks down what happens after the malware runs, and why IOC-first detection fails this class of attack entirely.
https://t.co/rbdN8Dj0Uh
⚠️ axios was compromised. If you write JavaScript, you've used it: it's the HTTP client in virtually every Node.js application, with 60M+ weekly downloads.
~2-3 hours of exposure.
WHAT YOU NEED TO KNOW - LiteLLM Supply Chain Attack 🚨
Our Threat Research team is analyzing a cascading supply chain attack, TeamPCP, that crossed five ecosystems in under a week. The next stage is unfolding now (analysis coming soon).
Hunt for sysmon.service, https://t.co/MB4j69bkQh, /tmp/pglog, and node-setup-* pods. Block models.litellm[.]cloud and checkmarx[.]zone at DNS now. Part 2 of our analysis coming shortly on [email protected].
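One way to turn the hunt list above into a repeatable check across host and cluster telemetry. This is an added example, not Stream Security's tooling or part of its analysis: it takes a list of systemd unit names, filesystem paths, pod names and DNS query log lines, and reports every hit on the indicators quoted in the post. The input records are constructed for illustration, and the DNS log line format (`timestamp host query qname`) is an assumption; adapt the regex to whatever your resolver or DNS firewall emits.

```python
"""Hunt for the indicators named in the post across host and cluster data.
Added example, not Stream Security's code; sample inputs are constructed."""
import fnmatch
import re

# Indicators quoted from the post. The de-fanged "[.]" is re-joined so the
# strings compare against real DNS log entries.
SUSPICIOUS_SERVICES = {"sysmon.service"}
SUSPICIOUS_PATHS = {"/tmp/pglog"}
SUSPICIOUS_POD_GLOBS = ("node-setup-*",)
BLOCKED_DOMAINS = {
    d.replace("[.]", ".") for d in ("models.litellm[.]cloud", "checkmarx[.]zone")
}

# Assumed log shape: "<timestamp> <client-host> query <qname>"
DNS_LINE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) query (?P<qname>\S+)$")


def hunt(systemd_units, paths, pod_names, dns_log_lines):
    """Return (category, evidence) tuples for every indicator hit.

    Paths match the indicator itself or anything beneath it; pod names match
    the glob; DNS names match a blocked domain or any subdomain of it."""
    findings = []
    for unit in systemd_units:
        if unit in SUSPICIOUS_SERVICES:
            findings.append(("service", unit))
    prefixes = tuple(s + "/" for s in SUSPICIOUS_PATHS)
    for p in paths:
        if p in SUSPICIOUS_PATHS or p.startswith(prefixes):
            findings.append(("path", p))
    for pod in pod_names:
        if any(fnmatch.fnmatchcase(pod, g) for g in SUSPICIOUS_POD_GLOBS):
            findings.append(("pod", pod))
    for line in dns_log_lines:
        m = DNS_LINE.match(line.strip())
        if not m:
            continue  # not a query record in the assumed format; skip
        qname = m.group("qname").rstrip(".").lower()
        if any(qname == d or qname.endswith("." + d) for d in BLOCKED_DOMAINS):
            findings.append(("dns", f"{m.group('host')} -> {qname}"))
    return findings


# Constructed sample inventory: what a collector might hand back from three
# nodes. None of these are real observations.
SAMPLE_UNITS = ["ssh.service", "sysmon.service", "containerd.service"]
SAMPLE_PATHS = ["/var/log/syslog", "/tmp/pglog", "/tmp/pglog/out.txt"]
SAMPLE_PODS = ["coredns-6f9c4", "node-setup-7xk2q", "litellm-proxy-0"]
SAMPLE_DNS = [
    "2026-03-24T10:01:02Z worker-1 query models.litellm.cloud.",
    "2026-03-24T10:01:05Z worker-2 query api.github.com.",
    "2026-03-24T10:01:09Z worker-3 query cdn.checkmarx.zone.",
]


def demo():
    """Run the hunt over the constructed sample data."""
    return hunt(SAMPLE_UNITS, SAMPLE_PATHS, SAMPLE_PODS, SAMPLE_DNS)


if __name__ == "__main__":
    for category, evidence in demo():
        print(f"[{category}] {evidence}")
```

The service check matches on unit name only; if you run Sysmon for Linux legitimately, a unit called `sysmon.service` will exist on purpose, so follow a hit by inspecting the unit's `ExecStart` target and the binary's hash rather than treating the name alone as conclusive.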
@InvestiAnalyst Thanks for the mention, @InvestiAnalyst! With the force of AI at play, our biggest defense is architecture, not time. That's why the CloudTwin is so critical to any defense in the cloud.
In 2026, Cloud Security CNAPP and posture are dead. One vendor won that market. We need to focus on what is next. We believe the next big opportunity lies in cloud runtime / CDR.
Most cloud security stacks still rely on snapshots:
• CNAPP shows what was misconfigured
• SIEM shows what happened
• EDR shows what was executed
But breakout times are now measured in minutes. Cloud environments change constantly. Stateless data from hours ago is no longer defensible.
We’re seeing early adopters move toward a Cloud Twin architecture: a continuously updated, stateful model of identities, configurations, network reachability, and exposure in near real time.
This shifts detection from log correlation to state-based reasoning and lets SOC teams prioritize alerts based on actual exploitability.
Aqsa Taylor just published a case study on how @StreamSecurity applies this model to close the CDR gap without replacing CNAPP, SIEM, or EDR.
Full report here: https://t.co/gIs9uS25hy
THIS KUBERNETES API CALL CAN HAND ATTACKERS YOUR ENTIRE CLUSTER (& you probably aren't watching it).
@GrahamHelton3's latest research shows how nodes/proxy GET can be abused to run arbitrary commands in every pod, enable trivial pod breakout, and leave no meaningful audit trail.
Without real-time Kubernetes and cloud state, this attack path is basically invisible.
This is exactly the class of control-plane abuse Stream is built to detect by continuously modeling live permissions, access paths, and impact as they change.
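A starting point for finding out who in a cluster actually holds the `nodes/proxy` GET permission described above. This is an added example, not Stream Security's product logic or @GrahamHelton3's research code: it walks ClusterRole and ClusterRoleBinding objects in the shape `kubectl get clusterroles,clusterrolebindings -o json` returns (`items[].rules`, `items[].roleRef`, `items[].subjects`), flags every rule that grants `get` on `nodes/proxy` in the core API group, including the wildcard forms Kubernetes RBAC honours (`*` verbs, `*` or `*/proxy` resources, `*` apiGroups), and maps the flagged roles to their bound subjects. The RBAC objects below are constructed; the role and subject names are hypothetical.

```python
"""Audit Kubernetes RBAC for roles granting GET on nodes/proxy and list who
holds them. Added example, not Stream Security's code; objects are constructed."""

TARGET_RESOURCE = "nodes/proxy"
TARGET_VERB = "get"


def rule_grants(rule):
    """True if one PolicyRule grants `get` on `nodes/proxy` (core API group).

    Matches the resource forms Kubernetes RBAC treats as covering it: the exact
    "nodes/proxy", the all-resources "*", and the subresource wildcard "*/proxy".
    A bare "nodes" resource does NOT cover the subresource and is not flagged."""
    groups = rule.get("apiGroups", [])
    if "" not in groups and "*" not in groups:
        return False
    verbs = rule.get("verbs", [])
    if TARGET_VERB not in verbs and "*" not in verbs:
        return False
    _resource, subresource = TARGET_RESOURCE.split("/", 1)
    return any(
        res in ("*", TARGET_RESOURCE, "*/" + subresource)
        for res in rule.get("resources", [])
    )


def roles_granting_nodes_proxy(cluster_roles):
    """Names of ClusterRoles with at least one rule granting the permission."""
    return {
        r["metadata"]["name"]
        for r in cluster_roles
        if any(rule_grants(rule) for rule in r.get("rules", []))
    }


def fmt_subject(subject):
    """Render a binding subject as Kind:[namespace/]name."""
    ns = subject.get("namespace")
    return f"{subject['kind']}:{ns + '/' if ns else ''}{subject['name']}"


def holders(cluster_roles, bindings):
    """Map each flagged ClusterRole to the subjects bound to it.

    Flagged roles with no binding are kept with an empty list: they are still
    worth reviewing, since a future binding would grant the permission silently."""
    flagged = roles_granting_nodes_proxy(cluster_roles)
    out = {name: [] for name in flagged}
    for b in bindings:
        ref = b.get("roleRef", {})
        if ref.get("kind") == "ClusterRole" and ref.get("name") in flagged:
            out[ref["name"]].extend(fmt_subject(s) for s in b.get("subjects", []))
    return out


# Constructed RBAC objects (hypothetical names), shaped like the API returns them.
SAMPLE_CLUSTER_ROLES = [
    {"metadata": {"name": "view-nodes"},
     "rules": [{"apiGroups": [""], "resources": ["nodes"], "verbs": ["get", "list"]}]},
    {"metadata": {"name": "node-proxy-reader"},
     "rules": [{"apiGroups": [""], "resources": ["nodes/proxy"], "verbs": ["get"]}]},
    {"metadata": {"name": "subresource-proxy-all"},
     "rules": [{"apiGroups": [""], "resources": ["*/proxy"], "verbs": ["get"]}]},
    {"metadata": {"name": "cluster-admin-like"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
    {"metadata": {"name": "apps-only"},
     "rules": [{"apiGroups": ["apps"], "resources": ["*"], "verbs": ["*"]}]},
]
SAMPLE_BINDINGS = [
    {"metadata": {"name": "monitoring-proxy"},
     "roleRef": {"kind": "ClusterRole", "name": "node-proxy-reader"},
     "subjects": [{"kind": "ServiceAccount", "name": "metrics", "namespace": "monitoring"}]},
    {"metadata": {"name": "ops-admins"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin-like"},
     "subjects": [{"kind": "Group", "name": "ops"}]},
    {"metadata": {"name": "readers"},
     "roleRef": {"kind": "ClusterRole", "name": "view-nodes"},
     "subjects": [{"kind": "User", "name": "alice"}]},
]


def demo():
    """Run the audit over the constructed objects."""
    return holders(SAMPLE_CLUSTER_ROLES, SAMPLE_BINDINGS)


if __name__ == "__main__":
    for role, subjects in sorted(demo().items()):
        print(f"{role}: {', '.join(subjects) or '(no binding)'}")
```

This answers the static half of the question (who could issue the call); pairing it with an audit policy rule that logs requests to the `nodes/proxy` subresource at `RequestResponse` level covers the dynamic half, since the post's point is that the call itself is rarely watched. Namespaced Roles and RoleBindings are omitted here because `nodes` is cluster-scoped, so a namespaced grant of it has no effect.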
Live Workshop with @latiotech on Dec 9th 📅
Cloud incidents are getting faster and harder to untangle. (cc: Shai-Hulud 2.0) 🪱
Does your team have what it takes to respond effectively?
If your team wants a sharper, repeatable response workflow, this workshop is worth the hour. Stream's CPO @stavsitni and Latio's Founder @JamesBerthoty will take us step-by-step through a live cloud incident.