AGP Picks
View all

Middle East News Watch
Provided by AGP

Skyhawk Security’s AI Red Team Took Over Company’s Full AWS Organization in Seconds

Using its AI Autonomous Attack Simulation, the new research exposes critical cloud security blind spot where legitimate configurations can be chained into full organizational control

TEL AVIV, Israel, June 29, 2026 (GLOBE NEWSWIRE) -- Skyhawk Security, a pioneer in AI-based red team cloud security, today announced new research showcasing how its Agentic AI Red Team took control of a company’s production AWS organization in seconds, starting with low-privileges and escalating to gaining control over a production organization. Skyhawk conducted the research to simulate what an agentic AI attacker is capable of within a real financial services company’s cloud environment. No frontier AI model was required to build or execute the attack, underpinning its severity in the traditional cloud security ecosystem.

Skyhawk’s AI Red Team executed the takeover despite the company following best practices, from configuring permissions and roles to utilizing a leading cloud-native application protection (CNAPP) platform. This autonomous AI attack is particularly concerning because there is no vulnerability to patch, no excessive permission to remove and no misconfiguration alert to remediate.

Skyhawk’s AI Red Team identified a chain of legitimate permissions and capabilities that were individually valid and intentionally configured. By dynamically manipulating roles and permissions, the AI Autonomous Attack Simulation moved from a low-privilege role to a complete production organization takeover. Once an attacker reaches that level of access in a production cloud environment, they can dismantle a business from the inside out.

The research emphasizes that traditional security controls would not be well positioned to stop AI Autonomous Attacks, preemptively or at runtime.

“For years, cloud security has centered on finding what is broken. This case shows that in the era of AI Autonomous Attacks, that model is no longer sufficient. The company we worked with during this research was doing a great job. Nothing in their environment was broken,” said Chen Burshan, CEO of Skyhawk Security. “Their security team had done the work and they were part of a leading CNAPP’s ‘zero critical findings club,’ but our AI Red team was still able to get full organization control. The risk lived in a chain of legitimate capabilities an Agentic AI-enabled attacker would utilize. To defend against AI Autonomous Attacks and prevent breaches, defenders must simulate what an attacker can actually do, build controls around the full attack and stop the attacker at AI speed.”

Industry data shows IAM is the initial access vector in more than 70% of cloud attacks and is involved in approximately 83% of attacks overall. Skyhawk’s research proves that IAM rightsizing alone cannot eliminate cloud risk.

A traditional graph view of the customer environment did not surface the attack. Static attack graph analysis showed no viable route from low privilege to organizational control, giving the security team a false sense of confidence. Skyhawk’s AI-powered adversarial view revealed how a threat actor would manipulate legitimate capabilities across privileges and boundaries until full organizational access was achieved.

Skyhawk’s AI Attack Simulation found the path in seconds, ascertaining that autonomous AI attackers can do the same.

"Agentic AI is changing cybersecurity from a static configuration problem into a dynamic systems problem,” said Rob Strechay, Cybersecurity Analyst and Principal at Smuget Consulting. “Organizations have invested heavily in identifying vulnerabilities and reducing misconfigurations, but AI-powered adversaries can reason across identities, permissions and cloud services in ways traditional tools were never designed to anticipate. The next phase of cloud security will be defined by continuously validating how an autonomous attacker could exploit legitimate capabilities before they become a business risk."

To see the full research details, visit: https://skyhawk.security/aws-cloud-org-takeover/

About Skyhawk Security  

Skyhawk Security is the leader in AI-powered cloud security. Its platform is purpose-built to defend against autonomous AI attacks. AI enables threat actors to move faster, probe deeper, and breach cloud environments at machine speed. Skyhawk fights back with an AI Red Team that continuously executes adversarial attack simulations against a digital model of your live cloud environment, providing autonomous responses that eliminate weaponized exposures before breaches occur. With Skyhawk, security teams can thwart AI-augmented cloud attacks without operational disruptions. Led by the team that built the original CSPM category, Skyhawk's platform continuously adapts its cloud security prevention and detection capabilities to each customer's unique cloud architecture, delivering security that self-improves with every threat it encounters. Skyhawk Security is a spin-off of Radware® (NASDAQ: RDWR). Follow Skyhawk on LinkedIn for continuous updates.

Media Contact:
Sherlyn Rijos-Altman
srijos@montner.com
Montner Tech PR


Primary Logo

Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Share this page:

Advanced Search Options

Search for:

Search scope:

Type:

Search in:

Date range:

The last

Sort by:

Sign up for:

Middle East News Watch

The daily local news briefing you can trust. Every day. Subscribe now.

By signing up, you agree to our Terms & Conditions.