Skip to content

Main Navigation

Ermetic
  • Platform
  • Solutions
    • Cloud Provider
      • AWS
      • Azure
      • GCP
    • Initiative
      • CIEM
      • CSPM
      • CWP
      • CNAPP
      • IaC Security
      • Just-in-Time
      • Public Cloud Security
      • Cloud Identity Governance
    • Role
      • CISOs
      • Cloud Security
      • DevSecOps
      • IAM Professionals
    • Industry
      • Healthcare
      • Government
      • Cloud-Native Companies
      • Financial Services
      • eCommerce
      • SaaS
      • Tech Vendors
    • Seeing is Believing

      See how Ermetic can help secure your data.

  • Learn
    • Resources
    • Events
    • Blog
    • Whitepapers
    • Webinars
    • Cloud Sec 101
    • Maturity Model
    • How’s your maturity?

      Take the Ermetic cloud security maturity self-assessment.

  • Company
    • About Us
    • News
    • Partners
    • Careers
    • Contact Us
    • Start a free trial

      See how Ermetic can help secure your data.

  • Free Trial
  • Get a Demo
Noam Dahan

Noam Dahan

Senior Security Researcher at Ermetic

Diving Deeply into IAM Policy Evaluation – Highlights from AWS re:Inforce IAM433

One of the most talked-about sessions at AWS re:Inforce, and my favorite, was IAM433, on AWS IAM’s internal evaluation mechanisms

Noam Dahan By Noam Dahan

Access Undenied on AWS

Ermetic is launching a new open-source tool: Access Undenied on AWS. The tool parses AWS AccessDenied CloudTrail events, explains the reasons for them and offers actionable fixes.

Noam Dahan By Noam Dahan

Wayward Sheriffs and Confused Deputies: Risks in GCP Third Party Access

Most GCP third-party vendors ask for permanent service account keys for access -- increasing credential leakage risk. Used correctly, short-lived credentials offer a secure alternative.

Noam Dahan By Noam Dahan

Testing the Waters: First Impressions of CloudTrail Lake

Our first impressions of AWS's new managed audit and security lake that allows you to aggregate, immutably store, and query activity logs.

Noam Dahan By Noam Dahan

Auditing IAM PassRole: A Problematic Privilege Escalation Permission

How to determine which identities need iam:PassRole to help enforce “use it or lose it” least-privilege.

Noam Dahan By Noam Dahan

Cloud infrastructure is not immune from the SolarWinds Orion breach

Organizations exposed to the SolarWinds breach must identify exposed credentials and rotate them asap.

Noam Dahan By Noam Dahan
  • See for Yourself!

    Let us know how to reach you, and we will be in touch to schedule a demo

    Get a demo Watch video
  • Certifications

  • Product

    • Home
    • Platform
    • AWS
    • Azure
    • GCP
    • Get a Demo
    • Start a Free Trial
  • Solutions

    • CIEM
    • CSPM
    • CWP
    • CNAPP
    • IaC Security
    • Just-in-Time
    • Public Cloud Security
    • Cloud Identity Governance
    • CISOs
    • Cloud Security
    • DevSecOps
    • IAM Professionals
  • Learn

    • Resources
    • Events
    • Blog
    • Whitepapers
    • Webinars
    • Maturity Model
  • Company

    • About Us
    • News
    • Partners
    • Careers
    • Contact Us
  • © 2023 Ermetic Ltd. All Rights Reserved | Privacy Policy | Terms of Use