Ermetic to Present Three Sessions at fwd:cloudsec

BOSTON & TEL AVIV–()–Ermetic, the cloud infrastructure security company, today announced that it will present three cloud security sessions at fwd:cloudsec, a non-profit conference on cloud security, in Anaheim, California on June 12. The sessions will cover IAM guardrail policies, Instance Metadata Services (IMDS) security and cloud threat intelligence.

WHO:

Igal Gofman, Head of Research for Ermetic. Igal previously served as Senior Security Researcher at Microsoft, where he focused on threat intelligence and active directory security. As Head of Security Research at XM Cyber, he led a team of security experts embracing an attacker’s mindset. Earlier, as Threat Response Team Lead at Check Point Software Technologies Igal helped develop the company’s intrusion detection system.

Noam Dahan, Senior Security Researcher at Ermetic is an expert in embedded security. He is a graduate of the Talpiot program at the Israel Defense Forces and spent several years in the 8200 Intelligence Corps.

Liv Matan is a cloud security researcher at Ermetic, where he specializes in application and web security. He previously served in the 8200 Intelligence Corps unit as a software developer. As a bug bounty hunter, Liv has found several vulnerabilities in popular software platforms, such as Azure web services, Facebook and Gitlab.

Lior Zatlavi has over 15 years of experience in cyber security, having spent most of that time working as a security architect, product manager and developer for the Israeli government. Lior served in an elite cyber security unit of the IDF (retired Major) after which he worked in a cyber security division of Israel’s Prime Minister’s Office. After leaving the public sector, Lior worked as an independent consultant specializing in Cloud security and identity management.

WHAT: 

IMDS: The Gatekeeper to Your Cloud Castles (And How to Keep the Dragons Out)
Most of us know IMDS as a tool for seamlessly maintaining and supplying credentials for applications running on instances to access resources in cloud environments. This talk will take a deep dive into the protections offered by different cloud service providers for IMDS and demonstrate how these mechanisms could spell the difference between a critical and non-critical vulnerability.

A Year of NO: building organizational IAM guardrail policies that work

Organizational policies are a key part of every organization’s cloud IAM strategy. This talk will explore how to build, test, and deploy effective organizational policies for multi-cloud environments, and how to implement mechanisms to detect violations.

Threat intelligence in the age of cloud
Threat Intelligence is one of the most important inputs when investigating breaches, and enables faster, better informed security decisions. This talk will highlight the challenges of building good threat intel in a cloud-based world and present a model for evaluating threat intelligence feeds, mapping the units of threat intelligence that are uniquely relevant to the cloud and establishing channels for intelligence sharing.

WHERE: 

fwd:cloudsec 2023,  Embassy Suites by Hilton Anaheim South, Anaheim CA

WHEN: 

IMDS: The Gatekeeper to Your Cloud Castles (And How to Keep the Dragons Out), June 12, 09:50–10:10, Room 2

A Year of NO: building organizational IAM guardrail policies that work, June 12, 13:00–13:20, Room 2

Threat intelligence in the age of cloud, June 12, 17:30–18:10, Room 1

HOW:

To schedule a conversation with Ermetic, contact Marc Gendron at marc@mgpr.net

About Ermetic

Ermetic reveals and prioritizes security gaps in AWS, Azure and GCP and enables organizations to remediate them immediately. The Ermetic cloud native application protection platform (CNAPP) uses an identity-first approach to unify and automate cloud infrastructure entitlement management (CIEM), cloud security posture management (CSPM), cloud workload protection and Kubernetes security posture management (KSPM). It unifies full asset discovery, deep risk analysis, runtime threat detection and compliance reporting, combined with pinpoint visualization and step-by-step guidance. The company is one of America’s Best Startup Employers according to Forbes and led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Forgepoint, Glilot Capital Partners, Norwest Venture Partners, Qumra Capital and Target Global. Visit us at https://ermetic.com/ and follow us on LinkedIn, Twitter and Facebook.

Source Link

LEAVE A REPLY

Please enter your comment!
Please enter your name here