Skip to content
Product
Icon-Platform
Platform

Explore the core capabilities of the Cado Platform.

 Icon-Integrations
Integrations

Learn how the Cado platform integrates into your broader ecosystem.
Solutions
Use Cases
Icon-Cross-Cloud Investigations
Cross Cloud Investigations

Respond to incidents identified in AWS, Azure, and GCP in a single pane of glass.

 Icon-Container-Investigations
Container & K8s Investigations

Perform container investigations in EKS, AKS, GKE, and Kubernetes.

 Icon-Endpoint-Triage
SOC Triage

Automate endpoint triage for immediate insights and quick escalation.

 Icon-BEC-Compromise
SaaS Investigations

Analyze critical SaaS logs to investigate Business Email Compromise.

 Icon-Incident-Containment
Cloud Detection & Response (CDR)

Marry threat detection with forensic context to expedite response.

Icon-Evidence-Preservation
Evidence Preservation

Capture data immediately and preserve it before it disappears.
Cado For
SecOps
Incident Responders
Forensic Teams
MSSPs
Partners
Government
Resources
Icon-Report
All Resources

Explore Cado Security's entire content library.

 Icon-Blog
Blog

Timely commentary from the Cado Security team.

 Icon-Playbook
Playbooks

Best practices for investigating and responding to threats.

Icon-Cheat-Sheet
Cheat Sheets

Quick tips for investigating and responding to incidents.

 Icon-News
News

The latest Cado company announcements, press, and more.

 Icon-Community
Community

Access to our free edition of the Cado platform.

 Icon-documentation
Documentation

Technical documentation on how to best leverage the Cado platform.

 White Paper 80x80
Wiki

Everything you need to know about cloud security and cloud forensics.

Company
Icon-About
About

Learn more about the Cado Security mission, vision, and team.

 Icon-Incidident-Response Preparedness-II
Cado Security Labs

The research and development division at Cado Security
Get a Demo
    Get a Demo
      curve design on left

      Research & Threat Intel

      blog post featured image
      blog icon Featured Post |

      Darktrace's Proposed Acquisition of Cado Security

      January 22, 2025

      We are excited to share the news that Darktrace has announced its proposed acquisition of Cado Security. This milestone marks a new chapter...

      Continue Reading
      Cloud Investigations icon
      blog icon Cloud Investigations
      Legion: an AWS Credential Harvester and SMTP Hijacker
      April 13, 2023

      Legion splash screen Cado Labs researchers recently encountered an emerging Python-based credential harvester and hacktool,...

      Continue Reading
      Research & Threat Intel icon
      blog icon Research & Threat Intel
      Previously Undiscovered TeamTNT Payload Recently Surfaced
      March 16, 2023

      Introduction Sysdig’s threat research team recently reported on a fascinating client engagement they conducted, in response...

      Continue Reading
      Research & Threat Intel icon
      blog icon Research & Threat Intel
      Redis Miner Leverages Command Line File Hosting Service
      March 2, 2023

      Cado Labs researchers recently discovered a novel cryptojacking campaign targeting insecure deployments of Redis....

      Continue Reading
      Research & Threat Intel icon
      blog icon Research & Threat Intel
      Leopard Tank Announcement Prompts Cyber Retaliation
      January 25, 2023

      Cado Labs researchers have discovered evidence of retaliation from Russian cyber threat groups, in response to yesterday’s...

      Continue Reading
      Cloud Investigations icon
      blog icon Cloud Investigations
      Kiss-a-Dog Discovered Utilizing a 20-Year-Old Process Hider
      December 21, 2022

      Introduction Researchers at Crowdstrike recently discovered a novel cryptojacking campaign, targeting Docker and Kubernetes,...

      Continue Reading
      Research & Threat Intel icon
      blog icon Research & Threat Intel
      Quick Update on Recent Denonia Samples
      December 14, 2022

      Back in April 2022, Cado discovered a suspicious ELF binary that utilized DNS over HTTPS, binary padding and in-memory...

      Continue Reading