Reversec quarterly research brief

Q3 REVERSEC Research Brief

Dive into cutting-edge research that drives smarter security decisions

Download

Here’s what’s inside:

Last quarter, our cybersecurity research focused on two critical areas: cloud security with modern attack paths and privilege escalation techniques, and emerging technology trends with a strong emphasis on GenAI security. These priorities reflect what we see across the industries we work with. Most organizations are now cloud native, which means cloud-focused attack paths have become standard practice in real-world breaches. At the same time, many are implementing LLM applications, making vulnerabilities and guardrail bypass techniques a growing concern.

In this update, we share our latest findings along with practical recommendations to help security teams mitigate these threats. The brief comes in multiple formats, including conference talks you can watch on demand and detailed cybersecurity research articles from our labs.

Key themes in our recent cybersecurity research:

  • SharePoint bypasses that defeat Conditional Access and DLP controls. Attackers are using pre-signed URLs to quietly exfiltrate data from restricted environments.
  • Azure DevOps pipeline credential exposures. A single compromised developer account can cascade into full production access.
  • AWS ECS privilege escalation. Attackers are leveraging legitimate functionality to move laterally across containerized environments.
  • OneDrive to Entra role escalation. A clever use of Known Folder Move and PowerShell profiles to gain admin access.
  • Oracle database link exploitation. Forgotten connections between development and production environments are opening up lateral movement paths.
  • LLM agent security. We have published six architectural patterns to help you defend against prompt injection and model manipulation.

PLUS: new updates for open-source tools like SPIKEE for LLM testing, STRIFEBOT for Snowflake attack simulation, and IAMSpy for AWS policy analysis.

This is not research for research’s sake. It is designed to help you make informed decisions, prioritize your defenses, and stay ahead of attackers who are already using these techniques in the wild.

Ready to dive deeper into our cybersecurity research?
Download the full report now for complete insights.

Q3 Reversec Research Brief

Dive into cutting-edge research that drives smarter security decisions

Download


Subscribe below to get our quarterly
research update delivered straight to your inbox.👇 

This site is protected by reCAPTCHA and the Google
Privacy Policy and Terms of Service apply.

Related content

Whitepapers

Whitepaper | The illusion of security in Microsoft’s cloud defaults

October 9, 2025
Whitepaper | The illusion of security in Microsoft’s cloud defaults
Our thinking

Top 5 common misconfigurations in cloud environments – and how to avoid them

January 28, 2025
Top 5 common misconfigurations in cloud environments – and how to avoid them
Our thinking

fwd:cloudsec Europe 2024: Staying Sneaky in Microsoft Azure

October 4, 2024
fwd:cloudsec Europe 2024: Staying Sneaky in Microsoft Azure

Don’t be a stranger, let’s get in touch.

Our team of dedicated experts can help guide you in finding the right
solution for your unique issues. Complete the form and we are happy to
reach out as soon as possible to discuss more.

This site is protected by reCAPTCHA and the Google
Privacy Policy and Terms of Service apply.