
Skyhawk Security’s AI Red Team Took Over Company’s Full AWS Organization in Seconds

New research using the company’s AI Autonomous Attack Simulation exposes a critical cloud security blind spot where legitimate configurations can be chained into full organizational control

Skyhawk Security, a pioneer in AI-based red team cloud security, today announced new research showing how its Agentic AI Red Team took control of a company’s production AWS organization in seconds, starting with low privileges and escalating to control over the production organization. Skyhawk conducted the research to simulate what an agentic AI attacker is capable of within a real financial services company’s cloud environment. No frontier AI model was required to build or execute the attack, underscoring its severity in the traditional cloud security ecosystem.

Skyhawk’s AI Red Team executed the takeover despite the company following best practices, from configuring permissions and roles to utilizing a leading cloud-native application protection (CNAPP) platform. This autonomous AI attack is particularly concerning because there is no vulnerability to patch, no excessive permission to remove and no misconfiguration alert to remediate.

Skyhawk’s AI Red Team identified a chain of legitimate permissions and capabilities that were individually valid and intentionally configured. By dynamically manipulating roles and permissions, the AI Autonomous Attack Simulation moved from a low-privilege role to a complete production organization takeover. Once an attacker reaches that level of access in a production cloud environment, they can dismantle a business from the inside out.

The research emphasizes that traditional security controls would not be well positioned to stop AI Autonomous Attacks, preemptively or at runtime.

“For years, cloud security has centered on finding what is broken. This case shows that in the era of AI Autonomous Attacks, that model is no longer sufficient. The company we worked with during this research was doing a great job. Nothing in their environment was broken,” said Chen Burshan, CEO of Skyhawk Security. “Their security team had done the work and they were part of a leading CNAPP’s ‘zero critical findings club,’ but our AI Red team was still able to get full organization control. The risk lived in a chain of legitimate capabilities an Agentic AI-enabled attacker would utilize. To defend against AI Autonomous Attacks and prevent breaches, defenders must simulate what an attacker can actually do, build controls around the full attack and stop the attacker at AI speed.”

Industry data shows IAM is the initial access vector in more than 70% of cloud attacks and is involved in approximately 83% of attacks overall. Skyhawk’s research proves that IAM rightsizing alone cannot eliminate cloud risk.

A traditional graph view of the customer environment did not surface the attack. Static attack graph analysis showed no viable route from low privilege to organizational control, giving the security team a false sense of confidence. Skyhawk’s AI-powered adversarial view revealed how a threat actor would manipulate legitimate capabilities across privileges and boundaries until full organizational access was achieved.

Skyhawk’s AI Attack Simulation found the path in seconds, demonstrating that autonomous AI attackers can do the same.

“Agentic AI is changing cybersecurity from a static configuration problem into a dynamic systems problem,” said Rob Strechay, Cybersecurity Analyst and Principal at Smuget Consulting. “Organizations have invested heavily in identifying vulnerabilities and reducing misconfigurations, but AI-powered adversaries can reason across identities, permissions and cloud services in ways traditional tools were never designed to anticipate. The next phase of cloud security will be defined by continuously validating how an autonomous attacker could exploit legitimate capabilities before they become a business risk.”
