Asaf Hecht is a team leader of one of CyberArk Labs research teams. He focuses on researching and discovering the latest attack techniques, and applying lessons learned to improve cyber-defenses. Hecht’s primary research areas are network defense, cloud security and application of machine learning. Prior to CyberArk, Hecht served eight years in the Israeli Army. He was the Team Leader for the advanced cyber-hunting team, an elite force that protects military top-secret networks and reveals APTs. In addition, Hecht is also a skilled helicopter pilot.
Fantastic Cloud Shadow Admins and where to find
Cloud adoption is on the rise and so is the risk of having Shadow Admins. In this session, we will explore Azure’s IAM and the dark permissions and roles, where Cloud Shadow Admins hide. We will demonstrate how an attacker can escalate privileges using those unintended admin users and how you can discover them before with a new scanning module of the open-source tool SkyArk.