Ermetic to Present Three Sessions at fwd:cloudsec

Igal Gofman, Head of Research for Ermetic. Igal previously served as Senior Security Researcher at Microsoft, where he focused on threat intelligence and active directory security. As Head of Security Research at XM Cyber, he led a team of security experts embracing an attacker's mindset. Earlier, as Threat Response Team Lead at Check Point Software Technologies Igal helped develop the company's intrusion detection system.



Noam Dahan, Senior Security Researcher at Ermetic is an expert in embedded security. He is a graduate of the Talpiot program at the Israel Defense Forces and spent several years in the 8200 Intelligence Corps.



Liv Matan is a cloud security researcher at Ermetic, where he specializes in application and web security. He previously served in the 8200 Intelligence Corps unit as a software developer. As a bug bounty hunter, Liv has found several vulnerabilities in popular software platforms, such as Azure web services, Facebook and Gitlab.



Lior Zatlavi has over 15 years of experience in cyber security, having spent most of that time working as a security architect, product manager and developer for the Israeli government. Lior served in an elite cyber security unit of the IDF (retired Major) after which he worked in a cyber security division of Israel’s Prime Minister’s Office. After leaving the public sector, Lior worked as an independent consultant specializing in Cloud security and identity management.

WHAT: 

IMDS: The Gatekeeper to Your Cloud Castles (And How to Keep the Dragons Out)

Most of us know IMDS as a tool for seamlessly maintaining and supplying credentials for applications running on instances to access resources in cloud environments. This talk will take a deep dive into the protections offered by different cloud service providers for IMDS and demonstrate how these mechanisms could spell the difference between a critical and non-critical vulnerability.



A Year of NO: building organizational IAM guardrail policies that work

Organizational policies are a key part of every organization’s cloud IAM strategy. This talk will explore how to build, test, and deploy effective organizational policies for multi-cloud environments, and how to implement mechanisms to detect violations.



Threat intelligence in the age of cloud

Threat Intelligence is one of the most important inputs when investigating breaches, and enables faster, better informed security decisions. This talk will highlight the challenges of building good threat intel in a cloud-based world and present a model for evaluating threat intelligence feeds, mapping the units of threat intelligence that are uniquely relevant to the cloud and establishing channels for intelligence sharing.

WHERE: 

WHEN: 

IMDS: The Gatekeeper to Your Cloud Castles (And How to Keep the Dragons Out), June 12, 09:50–10:10, Room 2

A Year of NO: building organizational IAM guardrail policies that work, June 12, 13:00–13:20, Room 2

Threat intelligence in the age of cloud, June 12, 17:30–18:10, Room 1

To schedule a conversation with Ermetic, contact Marc Gendron at marc@mgpr.net