Skip to content
Product
Icon-Platform
Platform

Explore the core capabilities of the Cado Platform.

 Icon-Integrations
Integrations

Learn how the Cado platform integrates into your broader ecosystem.
Solutions
Use Cases
Icon-Cross-Cloud Investigations
Cross Cloud Investigations

Respond to incidents identified in AWS, Azure, and GCP in a single pane of glass.

 Icon-Container-Investigations
Container & K8s Investigations

Perform container investigations in EKS, AKS, GKE, and Kubernetes.

 Icon-Endpoint-Triage
SOC Triage

Automate endpoint triage for immediate insights and quick escalation.

 Icon-BEC-Compromise
SaaS Investigations

Analyze critical SaaS logs to investigate Business Email Compromise.

 Icon-Incident-Containment
Cloud Detection & Response (CDR)

Marry threat detection with forensic context to expedite response.

Icon-Evidence-Preservation
Evidence Preservation

Capture data immediately and preserve it before it disappears.
Cado For
SecOps
Incident Responders
Forensic Teams
MSSPs
Partners
Government
Resources
Icon-Report
All Resources

Explore Cado Security's entire content library.

 Icon-Blog
Blog

Timely commentary from the Cado Security team.

 Icon-Playbook
Playbooks

Best practices for investigating and responding to threats.

Icon-Cheat-Sheet
Cheat Sheets

Quick tips for investigating and responding to incidents.

 Icon-News
News

The latest Cado company announcements, press, and more.

 Icon-Community
Community

Access to our free edition of the Cado platform.

 Icon-documentation
Documentation

Technical documentation on how to best leverage the Cado platform.

 White Paper 80x80
Wiki

Everything you need to know about cloud security and cloud forensics.

Company
Icon-About
About

Learn more about the Cado Security mission, vision, and team.

 Icon-Incidident-Response Preparedness-II
Cado Security Labs

The research and development division at Cado Security
Get a Demo
    Get a Demo
      curve design on left

      Research & Threat Intel

      blog post featured image
      blog icon Featured Post |

      Darktrace's Proposed Acquisition of Cado Security

      January 22, 2025

      We are excited to share the news that Darktrace has announced its proposed acquisition of Cado Security. This milestone marks a new chapter...

      Continue Reading
      Cloud Investigations icon
      blog icon Cloud Investigations
      Kiss-a-Dog Discovered Utilizing a 20-Year-Old Process Hider
      December 21, 2022

      Introduction Researchers at Crowdstrike recently discovered a novel cryptojacking campaign, targeting Docker and Kubernetes,...

      Continue Reading
      Research & Threat Intel icon
      blog icon Research & Threat Intel
      Quick Update on Recent Denonia Samples
      December 14, 2022

      Back in April 2022, Cado discovered a suspicious ELF binary that utilized DNS over HTTPS, binary padding and in-memory...

      Continue Reading
      Cloud Investigations icon
      blog icon Cloud Investigations
      WatchDog Continues to Target East Asian CSPs
      November 16, 2022

      Introduction Researchers at Cado Labs have recently discovered the re-emergence of the threat actor WatchDog. As regular...

      Continue Reading
      Cloud Investigations icon
      blog icon Cloud Investigations
      AWS Lambda Incident Response
      October 7, 2022

      Organisations – both large and small – are increasingly leveraging Lambda serverless functions. From a business agility...

      Continue Reading
      Cloud Investigations icon
      blog icon Cloud Investigations
      Attacking the Cloud: cloud-init as a persistence mechanism
      September 8, 2022

      This is the first in a new series of articles from Cado Labs focusing on offensive techniques in the cloud. For this entry,...

      Continue Reading
      Cloud Investigations icon
      blog icon Cloud Investigations
      Tales From the Honeypot: WatchDog Evolves With a New Multi-Stage Cryptojacking Attack
      June 2, 2022

      Summary Cado Labs’ honeypot infrastructure was recently compromised by a complex and multi-stage cryptojacking attack...

      Continue Reading