Sysdig, Inc. has announced the addition of Cloud Infrastructure Entitlements Management (CIEM) capabilities to their Secure DevOps Platform. Taking a zero trust approach, customers get instant visibility and control over cloud permissions. The Sysdig Threat Team found that nearly 80 percent of users have excessive entitlements due to overly permissive policies that allow full admin access in their AWS cloud. Sysdig customers can quickly remediate over-privilege access in less than two minutes.
According to Gartner®, “By 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020.” As organisations adopt the cloud they struggle to gain visibility and control of access rights and permissions granted to cloud identities.
Traditional identity tools built for on-premises environments cannot keep up with the explosive growth and activity of users and services (for example: AWS Lambda functions) in the cloud. These cloud services often have excessive permissions to access sensitive data and can become an unsuspecting entry point for an attacker to exploit.
“Now within minutes you know exactly what least privilege policy to apply across your cloud environments,” said Omer Azaria, Vice President of Research and Development at Sysdig. “In the cloud where many things are complicated, this is an easy one to fix. Why wouldn’t you just do it?”
CIEM helps organisations adopt a zero trust model for Identity and Access Management (IAM) for cloud infrastructure. It provides visibility into all access risks, as well as the ability to remediate quickly. Whether it is a user or service, security teams can answer important questions such as: “What access permissions does the identity have?” “Are those permissions being used?” “Are they overly permissive?” “Has it done anything abnormal?” Teams can then enforce least-privilege access policies and grant just enough permissions to perform necessary actions.
These excessive permissions can be corrected in the infrastructure as code templates within existing developer-centric workflows. By using an integrated security platform, teams can close the loop from source to production and minimise manual steps and recurring issues as part of their broader cloud security management efforts.
By combining the CIEM capabilities with its existing capabilities, Sysdig customers can proactively prevent cloud permission risk, scan for vulnerabilities and misconfigurations, and detect and respond to attacks across container and cloud environments.