New solution helps manage identities and entitlements

Businesses are increasingly adopting the public cloud, but this brings with it a number of security challenges that traditional tools struggle to handle.

Identity specialist Attivo Networks is launching a new Cloud Infrastructure Entitlement Management (CIEM) solution designed to improve visibility and reduce the attack surface for identities and entitlements in the cloud.

IDEntitleX gives security teams a unified view of identities and exposures across the organization. This allows them to address provisioning management challenges while maintaining operational effectiveness. It includes multi-cloud support for AWS and Azure and provides detailed entitlement visibility for users, applications, virtual machines, containers, serverless functions and other objects which attackers may seek to target.

"We really feel like this is something that will help organizations understand their risks, and also get the visibility and depth of information so they can reduce those risks where they can, or if they can't at least they're aware of them and so they can set up additional security," says Carolyn Crandall, chief security advocate and CMO at Attivo. "Step one is get the visibility, to see where your resource entitlements are, see where your service entitlements are, see where your management type entitlements are and reduce that risk by right-sizing those permissions. Then once you get a feel for the environment. some companies will go into the advanced analytics and modelling and automation. So, it's something that a smaller organization is able to use but also a very large organization if they have a more advanced skill set."

IDEntitleX works with a range of cloud services and allows admins to monitor entitlements to key cloud services, such as AWS S3 and Azure Key Vault. In addition they can view endpoint, Active Directory, and cloud exposures from a centralized management console, isolating risks right down to object level.

"If you've got an identity first posture you need to protect your identities and entitlements in the cloud, and this will allow you to do it in a very, very efficient way," adds Crandall. "Not with lots of logs and data but with a nice UI that's clickable and drill down and actionable. I can just see something that's a high severity, I click in and then I can go forward and take action on it really quickly."

You can find out more on the Attivo site.

Image Credit: Rawpixel / depositphotos.com