Uptycs, provider of the first cloud-native security analytics platform enabling cloud and endpoint security from a common solution, announced today new cloud infrastructure entitlement management (CIEM) capabilities that strengthen its cloud security posture management (CSPM) offering. In addition, Uptycs announced CSPM support for Google Cloud Platform (GCP) and Microsoft Azure, and PCI compliance coverage. These new capabilities provide Security and Governance, Risk, and Compliance teams with continuous monitoring of cloud services, identities, and entitlements so they can better reduce their cloud risk.
“Disparate cloud security solutions only deliver pieces of the picture, leaving Security teams unaware of new risks in a fast-changing cloud environment,” says Ganesh Pai, CEO and co-founder of Uptycs. “As organizations scale out their cloud footprints—including across multiple public cloud providers—they need new types of security controls, especially in the realm of cloud identity and entitlement. Uptycs provides a unified platform for CSPM and CWPP that gives Security teams a holistic and fully integrated platform for securing their cloud resources, workloads, and infrastructure.”
Also Read: SciTech Wireless Makes Access Control Integration Easier Introducing the WILDR Product Family
As they add cloud accounts, resources, and infrastructure, the number of user and machine identities grows exponentially. The majority of these identities have more access than they need to do their jobs, posing a serious risk if an attacker is able to steal credentials. According to Gartner, more than 95% of accounts in IaaS use, on average, less than 3% of the entitlements they are granted.1 In addition, Gartner estimates that “by 2023, 75% of security failures will result from inadequate management of identities, access and privileges, up from 50% in 2020.”2
With new cloud identity and entitlement analytics capabilities in Uptycs, Security and Governance teams can solve these challenges:
Monitor least privilege – Continuously monitoring cloud infrastructure to spot identity misconfiguration and permissions gaps so they can move toward least-privilege access, minimizing the damage that can be caused by privilege escalation.
Measure identity risk and governance posture – Measuring the overall identity risk posture for cloud accounts based on factors such as root account configuration, credentials rotation, possibility of privilege escalation, and credential exposure.
Harden cloud IAM policies – Continuously analyzing cloud IAM policies and creating risk profiles so that teams can prioritize their efforts on tuning the most risky policies.
Map identities and relationships – Visually map relationships across accounts, rank connections based on riskiness, and show the impact a user can have on an asset or critical service.
Detect and investigate identity misuse – Show top cloud IAM principals and services denied based on specific time windows, enabling users to drill down into trends for a specific user/service and spot any anomalies from the regions based on historical data.
The cloud identity and entitlement analytics capabilities are generally available today for AWS as an add-on for the Uptycs CSPM offering. Uptycs’ broader CSPM support for GCP and Azure (inventory, audit, compliance, and threat detection) is generally available.
1 Gartner, “Managing Privileged Access in Cloud Infrastructure,” Paul Mezzera, December 7, 2021
2 Gartner, “Innovation Insight for Cloud Infrastructure Entitlement Management, Henrique Teixeira, Michael Kelley, Abhyuday Data, June 15, 2021