Skyhawk Security Research Reveals AI Attack Risks
Written by Emily J. Thompson, Senior Investment Analyst
Updated: 2 days ago
0mins
Source: Newsfilter
- AI Attack Simulation: Skyhawk Security's Agentic AI Red Team successfully took control of a financial services company's AWS production organization in seconds, despite the company following best security practices, highlighting the inadequacy of traditional cloud security measures.
- Exploitation of Permission Chains: The research indicates that AI attackers can dynamically manipulate legitimate permissions and roles to escalate from low-privilege roles to full organizational control, emphasizing the critical role of IAM in over 70% of cloud attacks.
- Failure of Security Controls: Traditional static attack graph analysis failed to surface the attack path, giving the security team a false sense of confidence, while Skyhawk's AI adversarial view revealed how attackers could exploit legitimate capabilities to achieve full access.
- Future Security Challenges: Skyhawk's research suggests that the next phase of cloud security will require continuous validation of how to prevent AI autonomous attacks, as traditional methods of identifying vulnerabilities and reducing misconfigurations are no longer sufficient to address emerging threats.
Trade with 70% Backtested Accuracy
Stop guessing "Should I Buy RDWR?" and start using high-conviction signals backed by rigorous historical data.
Sign up today to access powerful investing tools and make smarter, data-driven decisions.
Analyst Views on RDWR
Wall Street analysts forecast RDWR stock price to fall
3 Analyst Rating
1 Buy
2 Hold
0 Sell
Moderate Buy
Current: 30.860
Low
25.00
Averages
30.00
High
35.00
Current: 30.860
Low
25.00
Averages
30.00
High
35.00
About RDWR
Radware Ltd. is a provider of cyber security and application delivery solutions. The Company's solutions incorporate Distributed Denial of Service protection, Web application firewall (WAF) and Application Delivery Controllers (ADC) technologies to enable its customers to provide cyber-attack mitigation solutions for a range of applications. The Company's products and activities are focused on protecting against cyber-attacks and ensuring optimal application service level for enterprises' and carriers' data centers. Its solutions include application and network security, and application delivery. Its application and network Security products include DefensePro Attack Mitigation Device, AppWall Web Application Firewall, DefenseFlow Cyber Command and Control application, and DefensePipe Cloud Scrubbing Service. Its application delivery products include Alteon NG, LinkProof NG and FastView. Its management solutions include APSolute Vision, application performance monitoring and vDirect.
About the author

Emily J. Thompson
Emily J. Thompson, a Chartered Financial Analyst (CFA) with 12 years in investment research, graduated with honors from the Wharton School. Specializing in industrial and technology stocks, she provides in-depth analysis for Intellectia’s earnings and market brief reports.
- AI Attack Simulation: Skyhawk Security's Agentic AI Red Team successfully took control of a financial services company's AWS production organization in seconds, despite the company following best security practices, highlighting the inadequacy of traditional cloud security measures.
- Exploitation of Permission Chains: The research indicates that AI attackers can dynamically manipulate legitimate permissions and roles to escalate from low-privilege roles to full organizational control, emphasizing the critical role of IAM in over 70% of cloud attacks.
- Failure of Security Controls: Traditional static attack graph analysis failed to surface the attack path, giving the security team a false sense of confidence, while Skyhawk's AI adversarial view revealed how attackers could exploit legitimate capabilities to achieve full access.
- Future Security Challenges: Skyhawk's research suggests that the next phase of cloud security will require continuous validation of how to prevent AI autonomous attacks, as traditional methods of identifying vulnerabilities and reducing misconfigurations are no longer sufficient to address emerging threats.
See More
- Partnership Announcement: Radware has partnered with Dataiku to integrate its application, AI, and API security capabilities into Dataiku's platform, aiming to help enterprises monitor and control AI-driven actions, thereby addressing the growing security needs of AI systems in production environments.
- Expanded Security Capabilities: By incorporating Radware's AI guardian agent services into AI initiatives, the partnership transcends traditional security budgets and creates new entry points for enterprise stakeholders, enhancing Radware's participation in enterprise technology investments.
- Real-Time Monitoring and Control: The new solution is designed to monitor and control AI system behaviors in real-time, helping organizations reduce risks of unauthorized actions, data exposure, and compliance gaps, ensuring AI systems operate securely in real-world environments.
- Strategic Implications: This collaboration not only enhances Dataiku's platform with security capabilities but also provides Radware with a natural entry point into enterprises, demonstrating both companies' commitment to addressing security challenges in the rapidly evolving AI market.
See More
- Malicious Bot Traffic: According to Radware's report, malicious bot traffic accounted for 43% of e-commerce website traffic during the 2025 holiday shopping season, a significant increase from 31% the previous year, indicating a growing threat of malicious automation nearing human shopper levels.
- Increased Attacker Population: The report highlights that nearly 70% of bad bot traffic was classified as low sophistication, suggesting that more attackers are leveraging AI tools for automated attacks, which lowers the entry barrier and potentially escalates cybersecurity risks.
- Diverse Attack Types: At one large multinational retailer, account takeover attacks surged over fivefold year-over-year, carding attacks increased approximately 15 times, and fake account registrations grew sixfold, reflecting a significant uptick in attack activities during the holiday shopping season.
- Emerging Automation Challenges: AI crawlers accounted for over half of the observed AI crawler activity during the holiday shopping season, prompting organizations to evaluate and manage this new category of automated traffic to address the increasingly complex cybersecurity landscape.
See More
- Service Launch: Radware has introduced AI Xploit Shield, designed to provide organizations with rapid protection against exploitation of newly discovered vulnerabilities, particularly as AI models accelerate vulnerability discovery, intensifying security challenges for businesses.
- Automated Protection: This service utilizes virtual patching technology to automatically generate tailored protections for specific applications and APIs, enabling organizations to effectively block attacks during patch testing and deployment, thereby reducing operational risk.
- Market Demand Response: With the accelerating pace of vulnerability discovery, the launch of AI Xploit Shield not only meets the urgent need for rapid response from businesses but also helps maintain security during the remediation process, enhancing Radware's competitiveness in the cybersecurity market.
- Strategic Implications: The release of AI Xploit Shield expands Radware's AI-powered cloud security platform, demonstrating the company's ongoing investment in addressing evolving cyber threats and aiming to enhance customer security capabilities.
See More








