Ariel Kalman, Senior Security Researcher

Ariel Kalman is a Cloud Security Researcher at Mitiga, focused on uncovering new attack vectors in cloud environments. With a background in application security, Ariel brings a sharp eye for identifying where things break — and how attackers might take advantage. He spends his days exploring the edge cases others overlook… and his nights wondering why “misconfiguration” is still such a popular attack surface.

CORSLeak: Abusing IAP for Stealthy Data Exfiltration

When people talk about “highly restricted” cloud environments, they usually mean environments with no public IPs, no outbound internet, and strict VPC Service Controls locking everything down.

August 19, 2025

Tag Your Way In: New Privilege Escalation Technique in GCP

GCP offers fine-grained access control using Identity and access management (IAM) Conditions, allowing organizations to restrict permissions based on context like request time, resource type and resource tags.

April 22, 2025

Ariel Kalman

CORSLeak: Abusing IAP for Stealthy Data Exfiltration

Tag Your Way In: New Privilege Escalation Technique in GCP

Get a Demo