Uptycs Blog | Cloud Security Insights for Linux and Containers

Uptycs Introduces Cloud Identity and Entitlement Analytics

Written by Tyson Supasatit | 5/4/22 1:00 PM

At Uptycs, we’re on a mission to help you improve cloud security. Much of that means simplifying cloud security, because what hinders improvement is complexity: too many permissions, identities, and roles across too many accounts, organizations, and even cloud providers.

Today, Uptycs is announcing new capabilities to help you straighten things out so that it’s easy to identify and prioritize the most important cloud security risks across your entire cloud estate—all in one place. Our new Uptycs Cloud Identity and Entitlement Analytics offering untangles the ever-growing web of identities, roles, and permissions across your cloud accounts and highlights how you can measurably reduce risk.

We’re also proud to announce support for GCP and Azure for our cloud security posture management (CSPM) offering that continuously analyzes those environments to identify misconfigurations, non-compliant resources, and threats. Join us for a live webinar on Tuesday, May 24 to learn more.

Complexity Is The Real Enemy Of Cloud Security

It’s not that there aren’t services available to solve these issues. There are, but they are piecemeal approaches. As stated above, the real enemy of cloud security is complexity, and that includes having to deal with so many different admin consoles and to set up and monitor numerous services for compliance, data protection, identity and access management, incident response, and threat detection.

Identity and entitlements are of particular concern. As early as 2013, identity providers were pointing out that increasing use of cloud services and remote work made identity “the new perimeter.” The point was that even though more resources and users were outside the corporate LAN, no longer protected by a firewall appliance, users still needed to sign in. Security teams could still monitor and block permissions and access.

Fast forward to 2022, when nearly every organization is fully committed to a cloud-first strategy. It is no surprise that identity and entitlements are still important for security. The number of machine identities especially is growing rapidly as companies add cloud accounts and resources. It’s easy to provision an identity; it’s much harder to make sure that identity only has the permissions needed to do its job. Gartner estimates that over 95% of IaaS accounts use, on average, less than 3% of the entitlements that they are granted. That means that attackers who manage to steal credentials can do much more damage than they could if those entitlements were buttoned down properly.

Bringing Cloud Security Together

Uptycs brings together market-leading solutions for securing both cloud workloads (containers and Kubernetes security) and the cloud services that those workloads run on. Unlike niche cloud security products, Uptycs covers all aspects of cloud security and gives you the flexibility you need to tackle brand new challenges that pop up, such as Log4Shell.

Our solution normalizes all the telemetry we collect as SQL tables at the point of collection so that it’s neatly structured, then we apply streaming analytics for real-time detection and correlation while the data is in flight. And once it’s stored in our SaaS data lake, it’s available for reporting and query, giving your teams cat-like reflexes when an auditor comes with some gotcha questions or you need to investigate the scope and severity of a security incident. Read how Flexport uses Uptycs as an “observability layer” empowering their DevOps and Security teams. 

What's New: Uptycs Cloud Identity and Entitlement Analytics

The new Uptycs Cloud Identity and Entitlement Analytics offering continuously monitors cloud identity infrastructure to spot identity misconfiguration and permissions gaps so you can effectively implement least privilege and zero trust access. Gartner calls this type of capability Cloud Infrastructure Entitlement Management (CIEM), but we see broader applications and have a more ambitious vision. Given the importance of identity, this is just the start!

Uptycs Cloud Identity and Entitlement Analytics enables you to:

  1. Monitor least privilege - Continuously monitor cloud infrastructure to spot identity misconfiguration and permissions gaps. This will move you toward least-privilege access, minimizing the damage that can be caused by stolen credentials.
  2. Measure identity risk and governance posture - Measure the overall identity risk posture for cloud accounts based on factors such as root account configuration, credentials rotation, possibility of privilege escalation, and credential exposure.
  3. Harden IAM policies - Continuously analyze cloud IAM policies and create risk profiles so that your teams can prioritize their efforts on tuning the most risky policies.
  4. Map identities and relationships - Visually map relationships across accounts, rank connections based on riskiness, and show the impact a user can have on an asset or critical service.
  5. Detect and investigate identity misuse - Show top cloud IAM principals and services denied based on specific time windows, enabling users to drill down into trends for a specific user/service and spot any anomalies from the regions based on historical data.

The Uptycs Cloud Identity and Entitlement Analytics offering is available now, currently for AWS only. This new offering is part of the broader Uptycs security analytics platform that delivers the capabilities you need to defend cloud-native applications, including cloud security posture management (CSPM) and cloud workload protection (CWPP). To learn more about what Uptycs CIEM can do for you and your complex cloud environment, click below to register for our upcoming 30-minute webinar.

Join the Uptycs Live Webinar!