Connect with us

Hi, what are you looking for?


Cybersecurity Funding

Zero Trust Provider Mesh Security Emerges From Stealth Mode

Israeli cybersecurity startup Mesh Security today emerged from stealth mode with a zero trust posture management (ZTPM) solution that helps organizations implement a zero trust architecture in the cloud.

Israeli cybersecurity startup Mesh Security today emerged from stealth mode with a zero trust posture management (ZTPM) solution that helps organizations implement a zero trust architecture in the cloud.

Founded in February 2022, the Tel Aviv-based company claims it can provide real-time visibility, control, and protection across all enterprise assets, regardless of where they are located.

The expansion of XaaS (Anything/Everything-as-a-Service) has created a broad attack surface that organizations may find difficult to protect.

Mesh believes that the adoption of a zero trust architecture helps mitigate these evolving risks, and has built a platform that organizations can use to implement a unified zero trust architecture on top of existing stacks.

The company claims that its ZTPM SaaS platform can map an organization’s entire cloud XaaS estate in minutes, to deliver complete visibility into its current zero trust posture.

Mesh also designed its platform to monitor for anomalous behavior, prioritize critical risks and sensitive assets, and help organizations automate remediation to improve security and ensure compliance.

Also today, Mesh warned of a MFA bypass and impersonation risk impacting over 100 vendors. Referred to as ‘Cookeys’, the problem exists because improper session cookie validation allows attackers to access mission-critical resources remotely.

Advertisement. Scroll to continue reading.

“Among the [impacted organizations] are several leading Zero Trust vendors that surprisingly do not follow the first fundamental principle of Zero Trust: every system should explicitly verify every digital interaction,” Mesh says.

One of the identified issues was that stolen session cookies could be used to log into various resources and take over accounts. An attacker could use these stolen cookies even to bypass active MFA mechanisms.

“Cookie reuse without proper validation results in an adversary that can impersonate another user to perform business functions on their behalf. This threat can lead to internal phishing, fraud, data theft, and ransomware,” Mesh notes.

Cookeys, the company notes, can also be exploited for lateral movement, where adversaries use legitimate and verified identities to perform nefarious operations, such as accessing restricted business resources.

With access to a SaaS application account, the attacker could stealthily eavesdrop on data in transit, performing espionage, sabotage, or even data theft, Mesh notes. Furthermore, the attacker could gain access to a variety of XaaS resources and data, even to the organization’s most sensitive assets.

One of the organizations impacted by these risks, Mesh says, is Okta. When informed of the vulnerability, Okta said that it relies on browser and operating system protections to prevent cookie stealing and malicious plugin attacks.

“If an attacker were to have a foothold on your endpoint that allowed them access to user cookies, they would typically already have the ability to deploy malware or other methods to compromise the downstream applications,” Okta said.

Related: Privya Emerges From Stealth With Data Privacy Code Scanning Platform

Related: Data Security Firm Sotero Raises $8 Million in Seed Funding

Related: Edge Management and Orchestration Firm Zededa Raises $26 Million

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cybersecurity Funding

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...