Eviatar Gerzi

Principal Security Researcher at Palo Alto Networks

Israel
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Eviatar Gerzi is a Principal Security Researcher with 11 years of hands-on experience in reversing, malware analysis, privilege escalation and DevOps security, currently focused on securing Docker and Kubernetes environments. He has led research and production-ready contributions to high-profile open-source tools like KubiScan and Kubesploit, and regularly presents findings at top conferences including multiple Black Hat and RSA appearances. Comfortable across C/C++/Go and scripting languages, he blends low-level exploit development with practical cloud-native attack/defense tooling. Notably, his work has bridged offensive techniques and defensive scanners—turning post‑exploitation research into tools that help operators find risky pods, permissions and kubelet weaknesses. Based in Israel, he brings a background from malware analysis to container security, with a track record of fixing real vulnerabilities and improving tool security and test coverage.
code11 years of coding experience
job14 years of employment as a software developer
bookBachelor of Science (B.Sc.), Computer Science, Bachelor of Science (B.Sc.), Computer Science at The Academic College of Tel-Aviv, Yaffo
bookMCSE, Systems Engineer, MCSE, Systems Engineer at Self Learning (MCSE)
bookDark Side Ops II: Adversary Simulation, Dark Side Ops II: Adversary Simulation at Black Hat Europe (London) 2017 training
bookWindows Kernel Rootkit Techniques, Windows Kernel Rootkit Techniques at CodeMachine in BlackHat USA 2021
bookCCNA, CCNA at Self Learning (CCNA)
bookSEC575: Mobile Device Security and Ethical Hacking, SEC575: Mobile Device Security and Ethical Hacking at SANS Technology Institute
bookA purple team view - attacking and defending Linux, Docker and Kuberne, A purple team view - attacking and defending Linux, Docker and Kuberne at Black Hat USA 2019
bookThe Shellcode Lab, The Shellcode Lab, The Shellcode Lab, The Shellcode Lab at Black Hat USA 2018
bookCCENT, CCENT at Self Learning (CCENT)
bookPC technician, PC technician at IDF
bookOSWE, WEB-300: Advanced Web Attacks and Exploitation, OSWE, WEB-300: Advanced Web Attacks and Exploitation at Offensive Security
bookMCSA: Systems Administrator: Messaging, MCSA: Systems Administrator: Messaging at Self Learning (MCSA: Messaging)
languagesEnglish, Hebrew, French
stackoverflow-logo

Stackoverflow

Stats
101reputation
26reached
0answers
1question
github-logo-circle

Github Skills (25)

rbac10
kubernetes10
authorizations10
python10
security-txt10
security10
go10
authorization10
kubernetes-pods10
jwt10
security-scan10
post9
container9
apidoc9
exp9

Programming languages (13)

C#PowerShellC++CMakefileVueGoJupyter Notebook

Github contributions (5)

github-logo-circle
cyberark/kubesploit

Mar 2021 - Dec 2022

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
Role in this project:
userBack-end & Security Engineer
Contributions:4 releases, 18 reviews, 63 commits in 1 year 9 months
Contributions summary:Eviatar primarily contributed to the core functionality of the Kubesploit project, focusing on the kubelet module written in Go. Their work involved implementing features for interacting with Kubernetes, including listing pods and executing commands within containers. They also addressed security-related aspects by fixing a base64 marshaling issue and adding vulnerability tests related to container escape and privilege escalation. Furthermore, they updated the versioning and improved code quality.
redteam-toolsred-teamscommand-and-controlsecurity-toolsfocused
cyberark/KubiScan

Dec 2018 - Nov 2022

A tool to scan Kubernetes cluster for risky permissions
Role in this project:
userBack-end Developer & Security Engineer
Contributions:7 releases, 34 reviews, 146 commits in 4 years
Contributions summary:Eviatar primarily contributed to the `api_client_temp.py` file, which appears to be a temporary workaround for a Kubernetes client library bug. Their work involved modifying the code to retrieve and list ClusterRoleBindings and ClusterRoles, adding support for handling "None" rules and addressing issues with missing data and token decoding. They also made improvements to the `engine/utils.py` and `engine/jwt_token.py` and enhanced the security of the project by fixing token decoding and fixing issues with service accounts.
scanauthorizationsecurityrbacpermissions
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Eviatar Gerzi - Principal Security Researcher at Palo Alto Networks