Noam Dahan

Noam Dahan is a Senior Security Researcher at Ermetic, with several years of experience in embedded security. He is a graduate of the prestigious Talpiot program of the Israel Defense Forces, where he spent several years in the elite 8200 Intelligence Corps. Noam was a competitive debater and is a former winner of the World Debating Championship. In his spare time, he is an avid board gamer and shares his love for miserable sports teams. Noam holds a MEng in Electrical Engineering from Tel Aviv University and a BS in Computer Science and Physics from The Hebrew University of Jerusalem.

Diving Deeply into IAM Policy Evaluation – Highlights from AWS re:Inforce IAM433

One of the most talked-about sessions at AWS re:Inforce, and my favorite, was IAM433, on AWS IAM’s internal evaluation mechanisms

By Noam Dahan Sep 29, 2022

Access Undenied on AWS

Ermetic is launching a new open-source tool: Access Undenied on AWS. The tool parses AWS AccessDenied CloudTrail events, explains the reasons for them and offers actionable fixes.

By Noam Dahan Mar 20, 2022

Wayward Sheriffs and Confused Deputies: Risks in GCP Third Party Access

Most GCP third-party vendors ask for permanent service account keys for access -- increasing credential leakage risk. Used correctly, short-lived credentials offer a secure alternative.

By Noam Dahan Feb 01, 2022

Testing the Waters: First Impressions of CloudTrail Lake

Our first impressions of AWS's new managed audit and security lake that allows you to aggregate, immutably store, and query activity logs.

By Noam Dahan Jan 13, 2022

Auditing IAM PassRole: A Problematic Privilege Escalation Permission

How to determine which identities need iam:PassRole to help enforce “use it or lose it” least-privilege.

By Noam Dahan Jan 13, 2021

Cloud infrastructure is not immune from the SolarWinds Orion breach

Organizations exposed to the SolarWinds breach must identify exposed credentials and rotate them asap.

By Noam Dahan Dec 23, 2020