Threat intelligence Archives

Roundtable: On Scattered Spider and the Atlas Lion threat group

Experts discuss the Atlas Lion threat group, a Scattered Spider subset, its innovative cloud attacks, and how to defend against their tactics.

Annual Threat Report 2025

2024 Cybersecurity Enhanced Resilience Checklist

Our report surfaces the most significant data we’re seeing in our threat detection and response efforts and offers resilience recommendations to protect your organization.

Annual Threat Report 2024

MITRE ATT&CK in Kubernetes: A defender’s cheat sheet & mind map kit

MITRE ATT&CK in Azure: A defender’s cheat sheet & mind map kit

Quarterly Threat Report – Q3 2023

Threat Report Q2 2023: Webinar

Quarterly Threat Report – Q2 2023

Threat Report Q1 2023: Webinar

Quarterly Threat Report – Q1 2023

The Silicon Valley Bank Collapse Fallout: How to Protect Your Business Against BEC

Quarterly Threat Report – Q3 2022

Quarterly Threat Report – Q2 2022

MITRE ATT&CK in GCP: A defender’s cheat sheet & mind map kit

Quarterly Threat Report – Q1 2022

MITRE ATT&CK in AWS: A defender’s cheat sheet & mind map kit

Inside an investigation: compromised AWS access keys

Hear how we caught an attacker that used a developer’s machine to gain access to AWS.

Azure guidebook: Building a detection and response strategy

Stories from the SOC: Investigating a phishing attack

Expel’s Ray Pugh walks through a phishing investigation. Learn how our analyst determines if it was malicious, who has been compromised and how to get left of the threat.