Ariel Kalman is a Cloud Security Researcher at Mitiga, focused on uncovering new attack vectors in cloud environments. With a background in application security, Ariel brings a sharp eye for identifying where things break — and how attackers might take advantage. He spends his days exploring the edge cases others overlook… and his nights wondering why “misconfiguration” is still such a popular attack surface.
Ariel Kalman
Senior Security Researcher
CORSLeak: Abusing IAP for Stealthy Data Exfiltration
Heading
When people talk about “highly restricted” cloud environments, they usually mean environments with no public IPs, no outbound internet, and strict VPC Service Controls locking everything down.
August 27, 2025
Tag Your Way In: New Privilege Escalation Technique in GCP
Heading
GCP offers fine-grained access control using Identity and access management (IAM) Conditions, allowing organizations to restrict permissions based on context like request time, resource type and resource tags.
April 24, 2025
