Skip to content

Main Navigation

Ermetic
  • Platform
  • Solutions
    • Cloud Provider
      • AWS
      • Azure
      • GCP
    • Initiative
      • CIEM
      • CSPM
      • CWP
      • CNAPP
      • IaC Security
      • Just-in-Time
      • Public Cloud Security
      • Cloud Identity Governance
    • Role
      • CISOs
      • Cloud Security
      • DevSecOps
      • IAM Professionals
    • Industry
      • Healthcare
      • Government
      • Cloud-Native Companies
      • Financial Services
      • eCommerce
      • SaaS
      • Tech Vendors
    • Seeing is Believing

      See how Ermetic can help secure your data.

  • Learn
    • Resources
    • Events
    • Blog
    • Whitepapers
    • Webinars
    • Cloud Sec 101
    • Maturity Model
    • How’s your maturity?

      Take the Ermetic cloud security maturity self-assessment.

  • Company
    • About Us
    • News
    • Partners
    • Careers
    • Contact Us
    • Start a free trial

      See how Ermetic can help secure your data.

  • Free Trial
  • Get a Demo

GCP

  • Blog home
  • AWS
  • Azure
  • Cloud
  • GCP

How Attackers Can Exploit GCP’s Multicloud Workload Solution

A deep dive into the inner workings of GCP Workload Identity Federation, taking a look at risks and how to avoid misconfigurations.

Liv Matan By Liv Matan

The Advanced Risk of Basic Roles In GCP IAM

Basic roles in GCP allow data-level actions, even though at first glance it might seem like they don’t. Avoid using basic roles, and if you must use them, make a special effort to protect any sensitive data you store in your GCP projects.

Lior Zatlavi By Lior Zatlavi

Identity Access Management in Google Cloud Platform (GCP IAM)

An introduction for anyone getting started with GCP or even experienced professionals who are looking for a structured overview.

Lior Zatlavi By Lior Zatlavi

Hidden Risk in the Default Roles of Google-Managed Service Accounts

Some Google-managed service accounts are binded by default to a role granting access to storage.objects.read. This hidden risk is (yet another) great reason to use customer-managed KMS keys to encrypt your sensitive data stored in buckets.

Lior Zatlavi By Lior Zatlavi

Introduction to IAM in Google Cloud Platform (GCP)

An introduction for anyone getting started with GCP or even experienced professionals who are looking for a structured overview.

Lior Zatlavi By Lior Zatlavi

The GCP Shared Responsibility Model: Everything You Need to Know

What the GCP Shared Responsibility Model is and how security teams can get started

Ermetic Team By Ermetic Team

Wayward Sheriffs and Confused Deputies: Risks in GCP Third Party Access

Most GCP third-party vendors ask for permanent service account keys for access -- increasing credential leakage risk. Used correctly, short-lived credentials offer a secure alternative.

Noam Dahan By Noam Dahan
  • See for Yourself!

    Let us know how to reach you, and we will be in touch to schedule a demo

    Get a demo Watch video
  • Certifications

  • Product

    • Home
    • Platform
    • AWS
    • Azure
    • GCP
    • Get a Demo
    • Start a Free Trial
  • Solutions

    • CIEM
    • CSPM
    • CWP
    • CNAPP
    • IaC Security
    • Just-in-Time
    • Public Cloud Security
    • Cloud Identity Governance
    • CISOs
    • Cloud Security
    • DevSecOps
    • IAM Professionals
  • Learn

    • Resources
    • Events
    • Blog
    • Whitepapers
    • Webinars
    • Maturity Model
  • Company

    • About Us
    • News
    • Partners
    • Careers
    • Contact Us
  • © 2023 Ermetic Ltd. All Rights Reserved | Privacy Policy | Terms of Use