Uptycs Strengthens Cloud Security Offering with Cloud Identity and Entitlement Management (CIEM), Announces Multi-Cloud Support

New offering continuously monitors cloud entitlements and access, helping security teams strengthen security posture and reduce risk in the cloud

Waltham, Mass. , May 4, 2022 /PRNewswire/ — uptycs, provider of the first cloud-native security analytics platform that enables endpoint and cloud security from a common solution, today announced new Cloud Infrastructure Entitlement Management (CIEM) capabilities that strengthen its offering. cloud security posture management (CSPM). Additionally, Uptycs announced CSPM support for Google Cloud Platform (GCP) and Microsoft Azure, and PCI compliance coverage. These new capabilities give Security and Governance, Risk and Compliance teams continuous monitoring of cloud services, identities and entitlements so they can better reduce their risk in the cloud.

“Disparate cloud security solutions only deliver parts of the picture, leaving security teams unaware of new risks in a rapidly changing cloud environment,” says Ganesh Pai, CEO and co-founder of Uptycs. “As organizations expand their cloud footprints, including across multiple public cloud providers, they need new types of security controls, especially in the realm of cloud identity and entitlements. Uptycs provides a unified platform for CSPM and CWPP which provides security teams with a holistic view and fully integrated platform to secure their cloud resources, workloads and infrastructure.”

As they add cloud accounts, resources, and infrastructure, the number of user and machine identities grows exponentially. Most of these identities have more access than they need to do their jobs, posing a serious risk if an attacker can steal the credentials. According to GartnerMore than 95% of accounts in IaaS use, on average, less than 3% of the rights granted to them.one Besides, Gartner estimates that “by 2023, 75% of security failures will be due to improper management of identities, access and privileges, up from 50% in 2020.”two

With the new cloud identity and entitlement analysis capabilities in Uptycs, security and governance teams can solve these challenges:

  • Monitor Least Privilege – Continuous monitoring of the cloud infrastructure for identity misconfigurations and permissions gaps so they can move toward least-privileged access, minimizing the damage that escalation of privilege can cause.
  • Measure identity risk and governance posture: Measurement of the overall identity risk posture for cloud accounts based on factors such as root account configuration, credential rotation, privilege escalation potential, and credential exposure.
  • Enforce IAM policies in the cloud: Continuously analyze cloud IAM policies and create risk profiles so teams can prioritize their efforts to adjust the riskiest policies.
  • Map identities and relationships – Visually map relationships between accounts, classify connections based on risk, and show the impact a user can have on a critical asset or service.
  • Detect and investigate identity misuse – Display top IAM cloud services and principals denied based on specific time windows, allowing users to drill down into trends for a specific user/service and spot any region anomalies based on historical data.

Identity and rights in the cloud analytics capabilities are generally available today for aws as a complement to the Uptycs CSPM offering. uptycs‘ wider CSPM support for GWP and Azure (inventory, auditing, compliance, and threat detection) is generally available.

one Gartner, “Managing Privileged Access in Cloud Infrastructure,” Paul Mezzera, December 7, 2021

two Gartner, “Innovation Perspective for Cloud Infrastructure Rights Management, henrique teixeira, michael kelleyAbhyuday Data, June 15, 2021

About Uptycs
Uptycs provides the first cloud-native security analytics platform that enables cloud and endpoint security from a single platform. The solution provides a unique telemetry-driven approach to address multiple use cases, including Extended Detection and Response (XDR), Cloud Workload Protection (CWPP), and Cloud Security Posture Management (CSPM). Uptycs enables security professionals to quickly prioritize, investigate, and respond to potential threats across an enterprise’s attack surface. A free trial of Uptycs can be requested at www.uptycs.com/free-trial.


Leave a Comment