Ransomware’s evolution: 6 key trends to watch

As security teams start to fight back, attackers have only become more sophisticated.

Ermetic Named Finalist in Computing’s Security Excellence Awards 2021

The Awards celebrate the achievements of the security industry through recognition and rewarding of exceptional companies, people, products and projects.

Toolbox Logo

What Makes AWS Buckets Vulnerable to Ransomware and How to Mitigate the Threat

As more data is being migrated to cloud, the risk of ransomware attacks on AWS’ S3 buckets have increased.

2021 Euroscape Ermetic

Ermetic Named in Accel 2021 Euroscape Top 100

Euroscape Top 100 is global VC firm Accel’s annual list of the hottest European and Israeli cloud companies to watch.

‘Toxic permissions’ leave AWS S3 buckets vulnerable to ransomware

The “toxic combination of overprivileged identities and poorly configured environments” can potentially expose data.

Cyber OSPA

Ermetic named a finalist in the first-ever Cyber OSPAs

The awards recognize the outstanding contribution organizations, people and technology are making to protect society from all areas of cybercrime.

eweek logo

Secure Cloud Migration: Beware Identity Failures and Misconfigurations

It’s critical to operate within a least privileged identity model and remediate unnecessary entitlements and misconfigurations.

Forbes Logo

How M&As Expose Cloud Security Shortcomings

In his recent article for the Forbes Technology Council, Shai Morag takes a look at some best practices for addressing multicloud security.

Ermetic Named a Top Startup to watch in Big50’s 2021 Startup Report

The 2021 Big50 Startup Report has been published…and we’re excited to be included! The Report, by Startup50’s Jeff Vance, highlights top tech startups — like us — that he believes are reshaping fast-growth markets. The startups featured in this year’s report have collectively raised more than $2B in funding since their last report published and […]

Managing Entitlements and Access in the Cloud is a Leading Security Risk

Public cloud environments offer a flexible way for organizations to provision resources, spin up containers based on ever-changing requirements, and more. Public cloud deployments can quickly turn into a complicated highway of interconnected machines, users, applications, services, containers and microservices. The huge undertaking of keeping track, evaluating risks and defining access policies and permissions for […]

Ermetic Named Finalist in Black Unicorn Awards for 2021

We are excited to share that Ermetic was named a finalist in the Black Unicorn Awards for 2021! We were up against many of the industry’s leading providers of cybersecurity products and services for this prestigious award. The term “Baby Black Unicorn” signifies a cybersecurity company that has the potential to reach a $1 billion […]

Shai Morag Named One of the Top 25 Cybersecurity CEOs of 2021

We’re excited to share that the Software Report has named Ermetic co-founder and CEO Shai Morag one of the Top 25 Cybersecurity CEOs of 2021. According to The Software Report, “these accomplished executives lead some of the most sophisticated operations that protect businesses and individuals across the globe. Hundreds of exceptional CEOs were nominated in […]

A Six-Step Process For Managing Cloud Entitlements

If your cloud strategy and infrastructure is stressing you out, you’re not alone. As companies add more and more cloud services and providers, the process of managing entitlements becomes more and more complicated. Multicloud environments make it even more complicated because entitlements aren’t always defined consistently. It’s clear that organizations need the right tools to […]

What is Cybersecurity? Defined, Explained, and Trends

In a recent article, Troy Cogburn, Director of Vation Intelligence explores cybersecurity as a discipline that reduces the risk of a cyber attack against IT systems, devices, and networks. “Cybersecurity covers a broad remit of principles, measures, and processes that help protect devices, services, and IT systems during both online and offline use,” he says. […]

Almost All Organisations Suffered At Least One Data Breach in Past 18 Months

In a recent article, CPO Magazine takes a deep dive into our IDC Survey Report: State of Cloud Security 2021 where we found nearly all organizations experienced a cloud data breach within the last 18 months. The survey polled 200 CISOs and other key IT security decision-makers and found that lack of visibility and identity […]

Ermetic Named CRN Emerging Vendor 2021

We are proud to share that Ermetic has been selected to be featured on CRN’s Emerging Vendors list for 2021 in the Security category. Chosen by the CRN editorial team, this annual list highlights the new and innovative technology suppliers that have shown an unwavering commitment to delivering the latest technology services and solutions through […]

Major threats to cloud infrastructure security include a lack of visibility and inadequate IAM

In a recent article, HelpNet Security did a deep dive into our recent findings in the IDC Survey Report: State of Cloud Security 2021.

IDSA Report: 2021 Trends in Securing Digital Identities

The Identity Defined Security Alliance recently published their “2021 Trends in Securing Digital Identities” report. Sponsored by the IDSA, the report is based on an online survey conducted by Dimensional Research of more than 500 security and identity professionals from the United States who worked at companies with more than 1,000 employees. The survey examined […]

98 percent of companies experience cloud data breaches

In a recent article on BetaNews, Ian Barker takes a look at our recent IDC Survey results which found that in the last 18 months, 98% of companies experienced at least one cloud data breach — up from 79 percent last year. In addition, almost 70% of companies spend more than 25 hours per week […]

14 Expert Recommendations For Creating An Effective Cloud Governance Policy

When small businesses are inundated with messages of the benefits of a shift to the cloud, they may mistakenly think that once they’ve moved, their “tech responsibilities” are over. But businesses need to develop and implement policies that govern cloud access, cost management and compliance, otherwise, their processes may perpetuate inefficiencies, costs and security issues […]

Taming the Overprivileged Cloud

In his latest article for eWeek, Ermetic Chief Business Officer Arick Goomanovsky explains how to tame an overprivileged cloud. “Enterprises are struggling with a swelling number of cloud identities, credentials sprawl and privilege creep,” he wrote. “Gartner has sounded the alarm: by 2023, 75% of cloud security failures will result from inadequate management of identities, […]

Cybersecurity for Multi Clouds: Why the Cloud Needs Native Security

In a recent Toolbox.com article, Ermetic co-founder and CBO Arick Goomanovsky explores how the process of managing multi-cloud cybersecurity forces organizations to rethink traditional approaches. According to Arick, cloud native controls were specifically built to manage privileges and access for any cloud platform, therefore, they provide capabilities that are missing in on-premise and cloud provider-specific […]

Ermetic Included on Tracxn List of Emerging Startups 2021

We are excited to share that we were included on Tracxn's list of Emerging Startups for 2021 in the Top Cloud Infrastructure Startups category.

Five Approaches for Securing Identity in Cloud Infrastructure

In his recent article for the Cloud Security Alliance, Ermetic co-founder and CEO Shai Morag explained that the migration of business processes to the cloud has become mainstream and organizations are enjoying the many benefits of streamlining processes, cutting costs and creating new ways to work. There are, however, also drawbacks including the fact that […]

It is time to treat Privilege like Privacy

Carla Roncato, Senior Analyst at Enterprise Strategy Group, shared that ESG recently asked organizations, “approximately what percentage of your organization’s human and non-human identities have permissions associated with their use of cloud services that are greater than what is required to do their task/job?” We spoke with her last week about the fact that privilege […]

Ermetic Named “Hot Company in Cloud Infrastructure Entitlement Management” at RSA Conference 2021

Ermetic is proud to announce we have won the “Hot Company in Cloud Infrastructure Entitlement Management (CIEM)” award from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine. “Ermetic embodies three major features we judges look for to become winners: understanding tomorrow’s threats, today, providing a cost-effective solution and innovating in unexpected ways […]

Protecting Collaboration Channels for Remote Work

In a recent article for Security Boulevard, Ossi Tiainen identified 15 high-potential companies in the cybersecurity space…and Ermetic is included! Tiainen posits that securing collaboration and communication apps is more important than ever because of the recent huge shift to remote work. Even before 2020 and the age of COVID-19, enterprises had shifted from email […]

Ermetic Named Finalist in Computing DevOps Excellence Awards

We are excited to share that we’ve been named a finalist in Computing’s DevOps Excellence Awards in the Best DevSecOps Implementation category, for our work with Latch. The DevOps Excellence Awards showcase “outstanding achievement from organizations, personalities and solutions that have successfully applied DevOps methodologies.” The Awards recognize and celebrate the best of every organization, […]

Cloud security and privacy: 7 action items you should consider

In a recent Tech Beacon article, John P. Mello Jr. offers seven high-priority projects that he says should serve as the base of a robust cloud security program. As more and more enterprises race to the cloud, he offers this checklist for security teams as they put together plans to protect their cloud environments. Our […]

Ermetic Named a Finalist for The Europas “Hottest CyberTech Startup”

We are thrilled to share that Ermetic has made the longlist for Hottest CyberTech Startup at this year’s The Europas. The Europas was formed in 2009 by Mike Butcher, editor-at-large at Techcrunch, to recognize and celebrate innovation emerging from Europe’s thriving tech startup scene. Now in its twelfth year of identifying Europe’s most ambitious and […]

Ermetic Named a “Startup to Watch” by DBTA

Database Trends and Applications (DBTA) notes that “innovative enterprise tech startups are emerging to tackle both new and longstanding challenges and problems in ways never thought possible.” They have observed various outstanding organizations  introduce new approaches to digital transformation, expanding AI and analytics initiatives, streamlining DevOps, improving data observability and more. DBTA named 16 startups […]

The Role of Identity and Entitlements in the Cloud Security Stack

In a recent article for TMCNet, Ermetic co-founder and CEO Shai Morag takes a closer look at how the recent massive adoption of public cloud services has created an ever-growing attack surface. He posits that while this scenario poses significant challenges, he knows that the root of security remains identities and entitlements. Shai explains that […]

Cybersecurity: What are the hottest sectors in Israel?

It’s quite an honor to be recognized by Calcalist’s C-Tech as a “Rising Star” in the Israeli Cloud Security landscape, a strong and growing industry, as organizations transition processes to the cloud. They noted that the 2020 Covid-19 pandemic essentially catapulted the cybersecurity market to an all-time high and took a look at some of […]

Prioritizing the Cloud’s Top Security Risks

In his recent article for the Forbes Technology Council, Ermetic CEO and co-founder Shai Morag addresses the shared responsibility of cloud security between cloud service providers and user organizations. While cloud providers handle infrastructure security, companies are typically left to their own devices to protect the rest of their security stack. The Forbes article outlines […]

Ermetic: In the post-pandemic world, geography will be less critical for sales

Sharon Chavoinik, Ermetic Director of People, recently sat down with Calcalist’s CTech to discuss how, in an era of a global pandemic, remote working can impact the growth of a young company in early stages. According to Sharon, since Ermetic was at such an early stage when the pandemic began, “we had yet to open […]

Why Cloud Security Risks Have Shifted to Identities and Entitlements

In his recent article for Dark Reading, Ermetic Co-Founder and CEO Shai Morag shares his insights on why cloud security risks have shifted to identities and entitlements. He explains that traditional security tools focus on securing the network perimeter and end up leaving user and service accounts wide open to hackers. Manually tracking cloud-access entitlements […]

Ermetic Takes Silver at the 2021 Cybersecurity Excellence Awards

The Ermetic Cloud Security Platform won second place in the CIEM category of the 2021 Cybersecurity Excellence Awards.

Supply chain attacks renew focus on limiting privileged access to cloud data

A recent article on Cybersecurity Dive shares insights from Ermetic co-founder and CBO, Arick Goomanovsky, that as companies scale up using public cloud infrastructure, they should take care to limit privileged access. They explain that there is a growing number of firms moving away from storing critical information on-site and instead, moving their data to […]

PAM vs. CIEM: Cloud Shift Offers an Opportunity to Rethink Access Management

In his recent article for Toolbox, our very own Arick Goomanovsky, Ermetic co-founder and CBO, takes a closer look at how and why it’s so challenging to manage privileged accounts and entitlements in cloud infrastructure. He reviews traditional PAM technologies and their shortcomings and introduces Cloud Infrastructure Entitlements Management (CIEM) as a new and improved […]

How One Multicloud-Based Business Manages Security Controls

In his recent CSO article, Bob Violino, takes a look at how AppsFlyer manages their Security Controls. Every day, the company processes 80 terabytes of data across multiple cloud hosting services. How do they keep everything secure? AppsFlyer enlisted Ermetic’s entitlement management system. “Before we selected Ermetic we conducted a very comprehensive evaluation of cloud […]

Managing Identities and Entitlements to Secure the Public Cloud

In his recent Security Boulevard article, Frank Ohlhorst posits “Accelerated digital transformation in response to the pandemic has blurred the line between the public cloud and the internal network, creating a much more complex environment that organizations still struggle to secure.” He points out that managing identities and entitlements is particularly difficult for organizations. Many […]

Researchers say cloud deployments of SolarWinds Orion could put API keys at risk

The drama in the aftermath of the SolarWinds Orion hack persists, and some shareholders have announced a class-action lawsuit claiming that they were misled by executives about the company’s security. They warned that this catastrophic breach might potentially endanger the cloud applications of Orion users. The warning to cloud users came from our recent blog […]

101 Best Cyber Security Startups To Follow In 2021

Startup Pill recently published their list of top picks for the best Cyber Security startups — and we’re near the top. On their 2020 list, we were included in the Cloud Computing category. They chose startups that take “a variety of approaches to innovating inside of the Cyber Security industry and around the world,” and […]

Vote for Ermetic in the 2021 Cybersecurity Excellence Awards

We are excited to announce that Ermetic has been nominated in the Cloud Infrastructure Entitlements Management (CIEM) category of the 2021 Cybersecurity Excellence Awards. The awards were established to recognize “companies, products and professionals that demonstrate excellence, innovation and leadership in information security.” Produced by Cybersecurity Insiders in partnership with the Information Security Community on […]

SolarWinds hack poses risk to cloud services’ API keys and IAM identities

In a recent blog post, Noam Dahan, a Senior Security Researcher at Ermetic, discussed the aftermath of the SolarWinds breach and how until now, the discussion has been focused on on-premise risks. But the cloud is not immune; the SolarWinds Orion supply chain hack also endangers Amazon Web Services and Microsoft Azure API keys and […]

Why Securing The Cloud Is A Math Problem

In his recent article for the Forbes Technology Council, Shai Morag explains that despite what you may think, there actually is a security perimeter in the cloud. It’s not the type we’re accustomed to protecting, though. He explains that identity is the perimeter because “all an attacker needs to compromise cloud security controls are the […]

Ermetic Named a Finalist in 2020-21 Cloud Awards

We’re excited to share that we have been named a finalist in the international Cloud Computing Awards program, The Cloud Awards. Since 2011, The Cloud Awards has promoted and celebrated excellence and innovation in cloud computing, and we are honored to be included as a finalist. The 2020-21 Cloud Awards include a wide range of […]

How Ermetic Tackles Public Cloud Risks by Securing Identities, Entitlements

eWeek recently reviewed our Cloud Infrastructure Entitlements Management solution for their readers. Their takeaway? eWeek commented that enterprises are seeing an increase in compromises as they swiftly move their applications to the public cloud. They said, “Ermetic tackles those cybersecurity issues by securing the who, what, when, and where of cloud activity. In other words, […]

The Polls are Open for 2020 DevOps Dozen

The polls are open! Ermetic is excited have been nominated in the Cloud Native Security Solution/Service category of the 2020 DevOps Dozen². The Tools and Services Awards category features 12 awards to recognize the companies who “develop and deliver outstanding solutions to empower developers, DevOps and IT operations teams.” The categories include: Best End-to-End DevOps […]

Startup Pill Names Ermetic on Their List of Best Cloud Computing Startups to Follow in 2020

We’re in good company here! Startup Pill recently published a list of their top picks for the best Cloud Computing startups — and we’re near the top. They chose startups that take “a variety of approaches to innovating inside of the cloud computing industry and around the world,” and we’re honored to be included. The […]

Digital Transformation Security Threats will Dominate in 2021

2020 has proven to be an exceptionally challenging year for businesses of all kinds, and the security industry is included. COVID-19 brought with it a whole slew of issues for organizations ranging from health concerns to remote working and everything in between. Shai Morag, Ermetic Co-Founder and CEO, sat down with VMBlog to discuss what […]

Don’t Underestimate The Business Risk Of Cloud Entitlements

As organizations move to the cloud and scale up, the chance of mismanaged privileges, identities and access increases exponentially. Many organizations end up with complex multicloud deployments where the sprawl quickly spreads out of control. They grow from tens to hundreds to thousands of identities and millions of entitlements within a very short period of […]

Ermetic Named a Finalist in Computing’s Security Excellence Awards

We are excited to share that we’ve been named a finalist in the Cloud Security category of Computing’s Security Excellence Awards! According to Computing, these Awards “celebrate the achievements of the IT industry’s leading security companies, solutions, products and personalities – those are keeping every other part of the industry operating.” The Security Excellence Awards […]

Ermetic Named One of 10 Hottest Cloud Computing Startups of 2020 by CRN

We are honored to be named one of the 10 Hottest Cloud Computing Startups of 2020 by CRN. With the world turned upside down with the coronavirus pandemic, one industry saw a boom in growth… cloud computing. Companies working in the cloud computing space saw a huge opportunity to accelerate adoption of their services as […]

Ermetic Named Winner of Sierra Ventures Challenge

Ermetic today announced it has won the Sierra Ventures Challenge organized by Startup50 and will present its product to enterprise buyers from Sierra Ventures CXO advisory board.

Ermetic’s platform provides full stack visibility and control over multi-cloud infrastructure entitlements

“One of the biggest risks in public cloud security is access abuse, specifically excessive permissions and compromised identities having access to data and resources. The challenge is that enforcing least privilege is much more difficult in the public cloud than on-premises,” said Garrett Bekker, Principal Security Analyst at 451 Research, a part of S&P Global […]

What’s New In Gartner’s Hype Cycle For Cloud Security, 2020

In Forbes, Louis Columbus recently wrote up a nice overview of Gartner’s Hype Cycle for Cloud Security for 2020. Gartner proclaims that “public cloud computing platforms have proven battle-ready by supporting unplanned, unexpected workloads from enterprises during the pandemic,” he wrote. Our main takeaway? Cloud Infrastructure Entitlements Management (CIEM) is on the Hype Cycle for […]

Reducing identity and access security risks in cloud infrastructures: A guide

In his latest post for Cloud Tech, Ermetic CEO Shai Morag explores the idea that while organizations may understand the value of leveraging cloud environments, many don’t understand exactly how these infrastructures shift the responsibility of managing security risk back on them. He explains how important it is for organizations to gain control over all […]

CSPM Vs. CIEM: Demystifying Two Popular Cloud Security Acronyms

In his first article for the Forbes Technology Council, Ermetic CEO and Co-Founder Shai Morag takes a closer look at cloud security posture management (CSPM) and cloud infrastructure entitlements management (CIEM). These two technologies are often confused with each other but have some key differences. CSPM, the more established solution, provides key benefits including discovery […]

Ermetic Shortlisted for Computing Cloud Excellence Awards 2020

Ermetic has been shortlisted for Computing’s Cloud Excellence Awards! The number of entries grows every year as we see growth in the adoption of and reliance on cloud computing. Making it the shortlist is, according to Computing, a sign of incredible performance and success and we are honored to be included. With categories covering every […]

CIO Bulletin Names Ermetic One of the 10 Best Cyber Security Companies 2020

CIO Bulletin has named Ermetic one of the 10 Best Cyber Security Companies of the year! We are honored to be included in the list next to some other strong leaders in the field. Click here for the full list of winnners. And to see what they have to say about Ermetic, check out their […]

Cloud Threats and Priorities as We Head Into the Second Half of 2020

Dark Reading recently reviewed our IDC survey on identity and data access risks to understand where the industry is headed for the rest of the year and what it all means when it comes to mitigating cloud risks.

We asked 12 founders who raised nearly $200 million during COVID-19 for their tips on wooing investors during a crisis

Shai Morag, our CEO and co-founder, was recently interviewed along with other founders and investors for a Business Insider article about remote fundraising during the pandemic. “You need to be more prepared than usual,” Morag told them. “All meetings are in Zoom, they tend to be transactional and more focused, it’s a hard dynamic with […]

DIY Access Security for Amazon Web Services

On The New Stack, Ermetic co-founder and CTO Michael Dolinsky explains how complicated, time-consuming and error-prone it is to try and manage identities and access in AWS using native or do-it-yourself tools.

451 Research Report: Cloud access and entitlement management startup Ermetic raises $17m

451 Research released a report detailing our recent $17 million fundraising round. The round was led by Accel, along with seed investors Glilot Capital Partners, Norwest Venture Partners and Target Global.

Ermetic Shortlisted in American Cyber Awards

We are excited to announce that Ermetic has been shortlisted in the "Innovative Product of the Year - Cloud Based" category of the American Cyber Awards, which highlight the most innovative and successful people, teams and products in the cybersecurity industry.

Cali-based VC firm Accel empowers Israeli cloud-security startup’s run for market lead

Accel, a fund that previously invested in Facebook, Slack, Spotify, and Dropbox, has turned attention to the Ermetic cloud security solution, realizing the potential and need for the product. The $17.25 million Series A financing round was led by Accel, and supported by previous investors Glilot Capital Partners, Norwest Venture Partners and Target Global. “There’s […]

Managing Cloud Access Permissions Is a Top CISO Concern

How the least privilege principle can reduce data threats and how an automated approach can help manage and monitor cloud access policies and permissions for applications and services.

Complexity exacerbates cloud cybersecurity threats

New TechTarget article explains how as cloud becomes intrinsic to IT, shifting roles have led to some risks being overlooked... but companies are getting smarter about alleviating threats.

Lack of Visibility and Poor Access Management are Major Contributors to Cloud Data Breaches

HIPAA Journal takes a closer look at our recent IDC Cloud Security Survey and the impact on the healthcare industry where more and more organizations are completing their digital transformations. While they are able to take advantage of the flexibility, scalability, and cost savings provided by public cloud environments, healthcare organizations see that securing public […]

Infosecurity Magazine highlights Ermetic’s IDC Survey

Infosecurity Magazine highlights the findings of the newly released IDC survey sponsored by Ermetic, reporting on what over 300 CISO’s see as their top cloud security concerns, and the risks they face. The article mentions, “Ermetic also argued that users and applications often accrue excessive access permissions in public cloud deployments. These are often granted […]

How to implement least privilege in the cloud

The Cloud Security Alliance (CSA) recently took a poll of more than 200 industry experts and found that cloud resource misconfiguration is a leading cause of data breaches. Why? Mainly because identity and privilege management at cloud-scale is extremely challenging. It becomes increasingly more complicated and more challenging over time, as organizations grow and their […]

7 Steps to Avoid the Top Cloud Access Risks

Securing identities and data in the cloud is challenging, but a least-privilege access approach helps. The Capital One incident, in which data on 106 million credit card customers and applicants was exposed, is a great example in which misconfiguration and inadequate change control enabled the attackers to exploit a vulnerability in an open source web application […]