Lior Zatlavi, Author at Ermetic

A New Incentive for Using AWS VPC Endpoints

If you haven’t been using VPC endpoints until now, AWS's two new condition keys should make you consider doing so

By Lior Zatlavi

AWS EC2 IMDS – What You Need to Know

Read this review of IMDS, an important AWS EC2 service component, to understand its two versions and improve your AWS security

By Lior Zatlavi

A Caveat for Azure VM Public IP Configuration

If you’re not familiar enough with the SKU attribute of the Azure public IP address, you may think you’re configuring VMs as public to the internet... but aren’t.

By Lior Zatlavi

How to Minimize Unintended Access and Achieve Least Privilege with Ermetic and AWS

Lior Zatlavi explains how to set up the platform in your environment and get maximum value

By Lior Zatlavi

IAM Role Trust Update – What You Need to Know

When it comes to assuming roles, AWS is changing an aspect of how trust policy is evaluated; here is a quick digest of what this change may mean to you.

By Lior Zatlavi

Public Network Access to Azure Resources Is Too Easy to Configure

For some types of Microsoft Azure resources and subnets, it’s extremely easy to configure what is essentially public network access. We describe here some examples and how to reduce such risks.

By Lior Zatlavi

Five Lessons Every Cybersecurity Team Can Learn from the Uber Incident

Upon hearing of a cyber security incident, alleged or factual, the most productive thing to do is learn what you can from its main lessons

By Lior Zatlavi

Taking Notice of AWS IAM Roles Anywhere

IAM Roles Anywhere may be a pivotal moment for security — the new service lets you enrich the arsenal of tools at your disposal to improve your AWS security posture.

By Lior Zatlavi

3 Ways to Reduce the Risk from Misused AWS IAM User Access Keys

Used incorrectly, AWS IAM User Access Keys can pose high risk; the good news is that great alternatives, explored here, exist

By Lior Zatlavi

The Advanced Risk of Basic Roles In GCP IAM

Basic roles in GCP allow data-level actions, even though at first glance it might seem like they don’t. Avoid using basic roles, and if you must use them, make a special effort to protect any sensitive data you store in your GCP projects.

By Lior Zatlavi

Identity Access Management in Google Cloud Platform (GCP IAM)

An introduction for anyone getting started with GCP or even experienced professionals who are looking for a structured overview.

By Lior Zatlavi

Hidden Risk in the Default Roles of Google-Managed Service Accounts

Some Google-managed service accounts are binded by default to a role granting access to storage.objects.read. This hidden risk is (yet another) great reason to use customer-managed KMS keys to encrypt your sensitive data stored in buckets.

By Lior Zatlavi

Keep Your S3 Safe from CloudTrail Auditors

AWSCloudTrailReadOnlyAccess currently allows s3:GetObject for “*” and s3:ListAllMyBuckets – and reading CloudTrail logs may also give access to bucket object keys. BE CAREFUL!

By Lior Zatlavi

Tracking Adversaries in AWS using Anomaly Detection, Part 2

Going through the cyber “kill chain” with Pacu and using automated analysis to detect anomalous behavior

By Lior Zatlavi

Tracking Adversaries in AWS using Anomaly Detection, Part 1

Minimizing the impact of a breach by identifying malicious actors’ anomalous behavior and taking action.

By Lior Zatlavi

SEGA’s Saga of Nearly Compromised Credentials

A look at VPNO’s recent findings of publicly accessible S3 buckets on SEGA’s infrastructure and what we can learn from it.

By Lior Zatlavi

Protect Your AWS Environment Beyond Patching Log4j

The crucial strategic lessons overlooked by enterprises dealing with the recently reported Log4j vulnerability.

By Lior Zatlavi

Not Just Buckets: Are You Aware of ALL Your Public Resources?

A misconfiguration of resource based policies can inadvertently make resources public. Do you have such misconfigured policies present in your environment?

By Lior Zatlavi