
The trust paradox: How attackers weaponize legitimate SaaS platforms
From Talos Takes by Cisco Talos
May 7, 2026 · 21 min
About this episode
This episode discusses how attackers exploit legitimate SaaS platforms to conduct phishing attacks.
In this episode of Talos Takes, Amy Ciminnisi sits down with researcher Diana Brown to discuss the rise of "platform-as-a-proxy" (PAP) attacks. We explore how threat actors are weaponizing legitimate SaaS platforms like GitHub and Jira to deliver phishing campaigns that bypass traditional security filters. By leveraging the platforms' own infrastructure to send authenticated emails, attackers are exploiting the inherent trust employees place in these essential business tools. We break down th...
People in this episode
Host: Amy Ciminnisi
Guest: Diana Brown
Topics covered
- platform-as-a-proxy
- SaaS attacks
- phishing campaigns
- cybersecurity
- email security
Keywords
- platform-as-a-proxy
- SaaS
- phishing
- cybersecurity
- GitHub
- Jira
- email authentication
Mentioned in this episode
Organizations: GitHub, Jira
More episodes of Talos Takes
- When synthetic logs don’t lie: Generating coherent attack stories for better detection · June 3, 2026 · 19 min
- It's not you, it's your printer: State-sponsored and phishing threats in 2025 · April 21, 2026 · 29 min
- 2025's ransomware trends and zombie vulnerabilities · April 7, 2026 · 22 min
- Cybersecurity’s double-header: 2025 insights from Talos and Splunk · March 26, 2026 · 32 min
- Modernizing your threat hunt · March 12, 2026 · 23 min
- Holding the line: Service provider security · February 26, 2026 · 29 min
Explore listener stats, chart rankings, contacts and more on the Talos Takes podcast page.