Black Hat 2022: Why Machine Identities are the most Vulnerable
Ermetic's Igal Gofman and Noam Dahan explained how different the dominant cloud platforms’ approaches to IAM are.
In the presentation, IAM The One Who Knocks, researchers Gofman and Dahan illustrated how different the dominant cloud platforms’ approaches to IAM are. Protecting machine identities with native IAM support from each public cloud platform just isn’t working, as gaps in hybrid cloud configurations leave machines vulnerable. Their presentation provided insights into what makes Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform’s (GCP) approaches to IAM different.
“IAM systems in all three cloud providers we discussed are complex,” Dahan said during the session. “We find that organizations will make mistakes. One of the most important things you can do is stick to one AWS account or GCP project per workload.”
