It’s a new beginning! Ermetic is now Tenable Cloud Security.

Avatar

Noam Dahan

Building Custom Scenarios with CNAPPgoat

You can now construct and import your own vulnerability scenarios into CNAPPgoat, enhancing your cloud security skills

Noam Dahan
By Noam Dahan Sep 27, 2023

Diving Deeply into IAM Policy Evaluation – Highlights from AWS re:Inforce IAM433

One of the most talked-about sessions at AWS re:Inforce, and my favorite, was IAM433, on AWS IAM’s internal evaluation mechanisms

Noam Dahan
By Noam Dahan Sep 29, 2022

Access Undenied on AWS

Introducing our new new open-source tool: Access Undenied on AWS. The tool parses AWS AccessDenied CloudTrail events, explains the reasons for them and offers actionable fixes.

Noam Dahan
By Noam Dahan Mar 20, 2022

Wayward Sheriffs and Confused Deputies: Risks in GCP Third Party Access

Most GCP third-party vendors ask for permanent service account keys for access -- increasing credential leakage risk. Used correctly, short-lived credentials offer a secure alternative.

Noam Dahan
By Noam Dahan Feb 01, 2022

Testing the Waters: First Impressions of CloudTrail Lake

Our first impressions of AWS's new managed audit and security lake that allows you to aggregate, immutably store, and query activity logs.

Noam Dahan
By Noam Dahan Jan 13, 2022

Auditing IAM PassRole: A Problematic Privilege Escalation Permission

How to determine which identities need iam:PassRole to help enforce “use it or lose it” least-privilege.

Noam Dahan
By Noam Dahan Jan 13, 2021

Cloud infrastructure is not immune from the SolarWinds Orion breach

Organizations exposed to the SolarWinds breach must identify exposed credentials and rotate them asap.

Noam Dahan
By Noam Dahan Dec 23, 2020
Skip to content