Ermetic Introduces Full Stack Identity Governance for Cloud Infrastructures
New Version of Ermetic Platform Enables Organizations to Implement Least Privilege Entitlements Management Across Identities, Network, Storage and Secrets
Ermetic, the cloud identity and access governance company, announced the market’s first platform that provides full stack visibility and control over multi-cloud infrastructure entitlements. By analyzing identity and access management (IAM) policies as well as the configuration of network, storage and secrets assets, Ermetic eliminates attack surface blind spots and enables organizations to enforce least privilege across their entire cloud infrastructure.
.@ErmeticSec introduces full stack #identitygovernance for cloud infrastructures that enables organizations to implement #leastprivilege #cloudentitlementsmanagement across identities, network, storage and secrets #CIEM
“One of the biggest risks in public cloud security is access abuse, specifically excessive permissions and compromised identities having access to data and resources. The challenge is that enforcing least privilege is much more difficult in the public cloud than on-premises,”1 said Garrett Bekker, Principal Security Analyst at 451 Research, a part of S&P Global Market Intelligence. “Many customers are looking to add additional security controls and services themselves, and there’s increased interest in addressing user roles and permissions.”2
Full Stack Visibility of Risks
To help security and cloud operations teams reduce their attack surface, Ermetic combines a holistic view of both network access and IAM policy entitlements to comprehensively assess risks. By monitoring and visualizing both network configurations and identity access policies Ermetic provides the context needed to correctly assess the risk of over privileged and risky entitlements.
For example, a machine with elevated privileges that is exposed to the internet would pose a greater security risk than one with a similar IAM configuration without internet access. This unified visibility is unique to Ermetic and is essential for accurately assessing the “effective access” assigned to a machine or data resource.
“While it’s virtually impossible to determine entitlement risks for users and machines using tools offered by cloud platform providers, third party tools that rely exclusively on identity and access policies without also analyzing network access do not provide a true and accurate view of risks,” said Shai Morag, CEO and Co-Founder of Ermetic. “Ermetic is the first solution to provide full stack visibility into both identity entitlements and network access configurations, which enables customers to comprehensively assess and govern the risks associated with complex scenarios of users, machines, and resources.”