Diving Deeply into IAM Policy Evaluation – Highlights from AWS re:Inforce IAM433
One of the most talked-about sessions at AWS re:Inforce, and my favorite, was IAM433, on AWS IAM’s internal evaluation mechanisms
By Noam Dahan 
Access Undenied on AWS
Ermetic is launching a new open-source tool: Access Undenied on AWS. The tool parses AWS AccessDenied CloudTrail events, explains the reasons for them and offers actionable fixes.
By Noam Dahan 
Wayward Sheriffs and Confused Deputies: Risks in GCP Third Party Access
Most GCP third-party vendors ask for permanent service account keys for access -- increasing credential leakage risk. Used correctly, short-lived credentials offer a secure alternative.
By Noam Dahan 
Testing the Waters: First Impressions of CloudTrail Lake
Our first impressions of AWS's new managed audit and security lake that allows you to aggregate, immutably store, and query activity logs.
By Noam Dahan 
Auditing IAM PassRole: A Problematic Privilege Escalation Permission
How to determine which identities need iam:PassRole to help enforce “use it or lose it” least-privilege.
By Noam Dahan 
Cloud infrastructure is not immune from the SolarWinds Orion breach
Organizations exposed to the SolarWinds breach must identify exposed credentials and rotate them asap.
By Noam Dahan