Asaf Hecht is a Director of Security Research & Innovation with nine years of deep technical experience, blending elite military cyber service, an M.Sc. in Cyber Space Security, and leadership of high-impact research teams at CyberArk and Palo Alto Networks. He leads offensive and defensive research that influences product strategy, has translated research into patents and product features, and holds an unusually large personal patent portfolio (35 granted patents). A hands-on contributor to open-source security tooling, his work on projects like SkyArk and ACLight focuses on discovering privileged and shadow-admin risks across cloud and Active Directory environments. Known for turning novel research into measurable business and strategic outcomes, he frequently presents at top conferences and builds tools that the security community adopts. Notably, his background spans operational cyber defense, competitive intelligence, and scalable tool development—bridging field experience with enterprise security innovation.
9 years of coding experience
12 years of employment as a software developer
Master of Science (M.Sc.), Software and Information Systems Engineering - Cyber Space Security, Master of Science (M.Sc.), Software and Information Systems Engineering - Cyber Space Security at Ben-Gurion University of the Negev
Information Systems Engineering, Information Systems Engineering at The Open University of Israel
A script for advanced discovery of Privileged Accounts - includes Shadow Admins
Role in this project:
Security Engineer
Contributions:65 commits, 64 pushes, 20 comments in 2 years 4 months
Contributions summary:Asaf primarily contributed to the `ACLight` tool, designed for advanced Active Directory ACL analysis to discover privileged accounts and shadow admins. The commits show modifications to the PowerShell script, including corrections for Unicode/ASCII conversion errors and performance enhancements, along with updates to the tool's functionality and output reports. The user also made changes to the tool's structure and added queries to improve efficiency and accuracy of the analysis.
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Role in this project:
Security Engineer
Contributions:2 reviews, 197 commits, 6 PRs in 4 years 8 months
Contributions summary:Asaf primarily contributed to security-focused PowerShell scripts designed for AWS and Azure environments. Their work involved developing tools, including AWStealth and AWStrace, to identify privileged users and analyze CloudTrail logs. The user implemented features to detect shadow admins and various security vulnerabilities by parsing policy documents and analyzing AWS and Azure configurations. The user's contributions included improvements to error handling and module compatibility, and the creation of supporting scripts.
discoversecuresecurity-toolspowershellcloud
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Asaf Hecht - Director Of Security Research & Innovation