Cloud

DevSecOps: An Organizational Fix for Improving Cloud Security – Friction-free

By implementing the DevSecOps culture, tools and training, you’ll be on your way to more shift left security and less organizational friction. Here’s how.

By Ermetic Team

Facing the Shift-Left Security Conundrum. A True Story

Shift left security is hot – until it's not. Dynamic business requirements and cloud complexity pose major least privilege challenges.

By Ermetic Team

How to Wrap Your Cybersecurity Plan around an Attacker’s Mindset

Is an attacker interested in your organization? Probably. Deconstructing the PoV of cyber attackers is key to defending your turf.

By Ermetic Team

Cloud Native and the Hype of Security

Through proper understanding and support, your organization can ensure it is secure while operating in the cloud and start taking advantage of the many possibilities present.

By Tanya Janca

Cloud Security Posture Management (CSPM) Tools: The Ultimate Guide

What are CSPM solutions and how can they help organizations stay compliant and avoid the security risks of misconfigurations? Answers (and more) inside.

By Ermetic Team

Cloud and Data Security for Financial Services

Financial service organizations are adopting the cloud at a rapid pace. A robust solution for compliance and cloud security will ensure they enjoy all the benefits.

By Ermetic Team

AWS, Azure and GCP: The Ultimate IAM Comparison

AWS vs. Azure vs. GCP - how do these cloud providers compare when it comes to IAM? Read on to find out.

By Ermetic Team

Securing Your Cloud with Zero Trust and Least Privilege

Zero trust could be the solution for your modern security perils. Read on to discover what zero trust and least privilege are – and how to get started.

By Ermetic Team

Verizon’s Data Breach Report – Insights for Cloud Security Professionals

Select highlights from Verizon’s recent Data Breach Investigations Report (DBIR) that may interest cloud security professionals – and suggested actions

By Ermetic Team

How to Operationalize a Cloud Security Solution

How to successfully operationalize your cloud security solution in 4 easy steps – and why fast and effective operationalization matters

By Ermetic Team

Lessons Learned in Cloud Security from Lapsus$ Surfacing

Cloud security practitioners can learn about the best practices that reduce the threat of cyber attacks from groups like Lapsus$.

By Ermetic Team

7 Cloud Security Trends That May Impact Your Cloud Security Planning

From leading CSPs to growing interest in multicloud, here’s what’s trending in measurable search traffic around cloud security - and what it means for security and IT teams.

By Ermetic Team

3 Cloud IAM Security Questions You Must Be Able to Answer

It doesn’t matter if it’s AWS, GCP or Azure IAM, cloud deployment is redefining the work of IAM professionals

By Ermetic Team

Cloud Identities and the Not So Long and Slightly Winding Road to Governance

A look at Forrester’s roadmap for the deployment and use of CIG to decrease the cloud threat surface and the costs of cloud data protection.

By Ermetic Team

How CSPM and CIEM may Solve your Cloud Compliance Challenges

With compliance essential to your organization, what strategy to take? Can you rely on a standard cloud security posture management tool – or do you need more?

By Ermetic Team

How a Healthcare Provider Secures Its Cloud Infrastructure

Insights from a healthcare security executive on how automating risk mitigation and compliance boosted their cloud infrastructure security.

By Larry Viviano

Cloud Native Application Protection Platform (CNAPP): An Evolving Approach to Cloud Security

A closer look at the newest Cloud Security category as defined by Gartner: Cloud Native Application Protection Platform (CNAPP).

By Ermetic Team

Top 7 Questions to Ask During a POC with a Cloud Security Vendor

A useful set of questions to help you get the most out of your upcoming POC -- and ensure that the solution will meet your cloud security needs.

By Ermetic Team

Top 6 Questions You Should Ask a Cloud Security Vendor

Choosing a cloud security platform and tools is not for the weak of heart – so much at stake! This framework can help you decide which vendor is right for you.

By Ermetic Team

Reaching for the Clouds with Our $70M Series B Financing

Ermetic is proud to have closed our Series B financing, enabling us to continue building the best cloud security platform that focuses on what matters.

By Shai Morag

How to Start Up Your Cloud Security

Startups may think they can postpone implementing a cloud security program but should in fact take early action - here’s why, and easy steps for doing so.

By Ermetic Team

Ermetic Cloud Security Predictions for 2022

Remote work, which is here to stay, has become the cloud’s killer app. Here are our five security predictions for the year ahead.

By Shai Morag

Useful Tips for Choosing a Cloud Security Vendor

A guide for what to take into account when starting to evaluate cloud security solutions. What to consider, how to determine value and how to navigate between capabilities and your needs.

By Ermetic Team

The Top 24 Concerns for Cloud Security Teams

The complete checklist of threats and security gaps out to get your cloud

By Ermetic Team

How Ermetic Takes Care of the Basics of Cloud Security

Exploring the basics of the Ermetic security platform, which protects against permissions-related risks in the cloud and ensures compliance

By Ermetic Team

93% of Security Professionals Say Their Identity Breaches Could Have Been Prevented

A look at key findings of a recent IDSA report to see how remote work has affected identity security.

By Ermetic Team

CISO’s First 100 Days: Ermetic’s Guide to Getting Started

Everything you need to know about securing your cloud as a CISO.

By Ermetic Team

Why Managing Security Posture and Entitlements from One Place Makes Sense

How a unified CSPM/CIEM platform can provide solutions to highly prioritized security risks, with minimal overhead.

By Ermetic Team

The Importance of Identity and Access Management (IAM) in Cloud Infrastructure

How to manage human and service identities, and their entitlements, to secure your cloud infrastructure.

By Ermetic Team

Repokid and Beyond: AWS Least Privilege, Gift-Wrapped

Travis McPeak explains why least privilege is so hard to achieve and how the automated approach works.

By Travis McPeak

State of Cloud Security 2021: More Aware Yet Very Exposed

Dan Yachin digs into our State of Cloud Security 2021 Report and shares his insight.

By Dan Yachin

Why Privileged Access Management (PAM) Fails Cloud Infrastructure…and What to do About it

PAM, its challenges for AWS, GCP and Azure environments - and CIEM as a solution.

By Ermetic Team

TeamTNT Strikes Again: A Wake-Up Call to Start Securing Cloud Entitlements

Examining the news that TeamTNT is targeting 16 more applications, including Google Cloud.

By Lior Zatlavi

Best Practices for Securing Public Cloud Infrastructure

Bruce's suggestions for securing public cloud infrastructure, across industries.

By Bruce Gibson

Cloud Security: What’s Good for Fintech Is Good for… All Our Clients

Mohara shares how Ermetic keeps things secure and management-sane inside their cloud software development shop.

By Ermetic Team

Coronavirus and Cloud Breaches: Looking Back to Look Forward

Data breaches remain a challenge, even with companies increasing their investment in cybersecurity products and tools.

By Or Priel

Introducing the Ermetic Advisory Board: Gerhard Eschelbeck, Former CISO of Google

We recently announced the formation of the Ermetic Advisory Board which includes a who’s who of CISOs and cloud security experts from the technology, media and communications sectors. So who *are* these experts? In recent posts, we met Travis McPeak of Netflix, Adrian Ludwig of Atlassian and Elie AbenMoha of Publicis Groupe. Next up is Gerhard Eschelbeck, the former […]

By Ermetic Team

Cloud infrastructure is not immune from the SolarWinds Orion breach

Organizations exposed to the SolarWinds breach must identify exposed credentials and rotate them asap.

By Noam Dahan

The Wild Ride of 2020 and its Impact on Cloud Security

As 2020 comes to a close, we asked the co-founders to share the lessons they learned.

By Ermetic Team

Introducing the Ermetic Advisory Board: Elie AbenMoha of Publicis Groupe

Thoughts on cloud security from advisory board member Elie AbenMoha of Publicis Groupe

By Ermetic Team

Introducing the Ermetic Advisory Board: Adrian Ludwig of Atlassian

Adrian Ludwig of Atlassian shares his predictions and insights on public cloud security.

By Ermetic Team

Introducing the Ermetic Advisory Board: Travis McPeak of Netflix

Travis McPeak shares his predictions and insights on public cloud security.

By Ermetic Team

The Three Ways of DevOps

Applying least privilege to cloud instances without adding bulk and delays to your pipeline.

By Tanya Janca

Protect Applications and Data with Cloud Infrastructure Entitlements Management (CIEM)

Breaking down the hype around Cloud Infrastructure Entitlements Management (CIEM).

By Ermetic Team

The Challenges of Securing Data Access in the Cloud, Part 4 (of 4)

Part 4 (of 4) - Sharing and Chaining Roles

By Arick Goomanovsky

The Challenges of Securing Data Access in the Cloud, Part 3 (of 4)

Part 3 - Looking beyond AWS IAM roles

By Arick Goomanovsky

The Challenges of Securing Data Access in the Cloud, Part 2 (of 4)

Part 2 (of 4): A closer look at IAM policies

By Arick Goomanovsky

The Challenges of Securing Data Access in the Cloud, Part 1 (of 4)

Part 1: Why is it so complicated to manage identities and entitlements in the cloud?

By Arick Goomanovsky

Why Information Security Must be as Adaptable as the Environment it Protects

Why information security must be more deeply integrated into everyday processes through intelligent automation.

By Dan Yachin