The trust paradox: How attackers weaponize legitimate SaaS platforms

The trust paradox: How attackers weaponize legitimate SaaS platforms

From Talos Takes by Cisco Talos

May 7, 2026 · 21 min

About this episode

This episode discusses how attackers exploit legitimate SaaS platforms to conduct phishing attacks.

In this episode of Talos Takes, Amy Ciminnisi sits down with researcher Diana Brown to discuss the rise of "platform-as-a-proxy" (PAP) attacks. We explore how threat actors are weaponizing legitimate SaaS platforms like GitHub and Jira to deliver phishing campaigns that bypass traditional security filters. By leveraging the platforms' own infrastructure to send authenticated emails, attackers are exploiting the inherent trust employees place in these essential business tools. We break down th...

People in this episode

Host: Amy Ciminnisi

Guest: Diana Brown

Topics covered

  • platform-as-a-proxy
  • SaaS attacks
  • phishing campaigns
  • cybersecurity
  • email security

Keywords

  • platform-as-a-proxy
  • SaaS
  • phishing
  • cybersecurity
  • GitHub
  • Jira
  • email authentication

Mentioned in this episode

Organizations: GitHub, Jira

More episodes of Talos Takes

Explore listener stats, chart rankings, contacts and more on the Talos Takes podcast page.