Why It’s Important to Take Notice of AWS IAM Roles Anywhere
IAM Roles Anywhere may be a pivotal moment for security — the new service lets you enrich the arsenal of…
By Lior Zatlavi 
Reducing the Risk from Misused AWS IAM User Access Keys
Used incorrectly, AWS IAM User Access Keys can pose high risk; the good news is that great alternatives, explored here,…
By Lior Zatlavi Latest
IDSA Introduces CIEM Best Practices
The Identity Defined Security Alliance recently announced their list of Best Practices for Cloud Infrastructure Entitlement Management.
By Ermetic Team 
96% Could Have Prevented Their Identity Breach – IDSA
Identity-related breaches are on the rise but security and IAM pros are not idle. Learn from this survey how they…
By Ermetic Team 
Facing the Shift-Left Security Conundrum. A True Story
Shift left security is hot – until it’s not. Dynamic business requirements and cloud complexity pose major least privilege challenges.
By Ermetic Team 
Cloud
See all
DevSecOps: An Organizational Fix for Improving Cloud Security – Friction-free
By implementing the DevSecOps culture, tools and training, you’ll be on your way to more shift left security and less…
By Ermetic Team 
How to Wrap Your Cybersecurity Plan around an Attacker’s Mindset
Is an attacker interested in your organization? Probably. Deconstructing the PoV of cyber attackers is key to defending your turf.
By Ermetic Team 
Cloud Native and the Hype of Security
Through proper understanding and support, your organization can ensure it is secure while operating in the cloud and start taking…
By Tanya Janca
AWS
See all
6 Tips for Successfully Securing Your AWS Environment
Top six actions and practices you can take to protect your AWS environment today.
By Ermetic Team 
Access Undenied on AWS
Ermetic is launching a new open-source tool: Access Undenied on AWS. The tool parses AWS AccessDenied CloudTrail events, explains the…
By Noam Dahan 
Keep Your S3 Safe from CloudTrail Auditors
AWSCloudTrailReadOnlyAccess currently allows s3:GetObject for “*” and s3:ListAllMyBuckets – and reading CloudTrail logs may also give access to bucket object…
By Lior Zatlavi
Azure
See all
Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
The importance of understanding the assignments of Azure resource roles when giving permissions.
By Lior Zatlavi 
The ABCs of Azure Identity Governance Tools
The main Azure mechanisms for governing identities and providing access permissions.
By Lior Zatlavi 
Deconstructing Azure Access Management using RBAC
The basics of Azure RBAC — the main mechanism in Azure for granting permissions to resources.
By Lior Zatlavi 
