Ermetic announced a new version of the Ermetic platform that continually monitors the access behavior of user and machine identities to detect suspicious activity and prevent security threats.
The new capabilities enable organizations to protect against unusual data access, suspicious configuration changes, privilege escalation and more, in multicloud environments.
Using analytics-driven policies, Ermetic continuously analyzes access behavior, creates a baseline for every identity and monitors for anomalous activity in AWS, Microsoft Azure, and Google Cloud Platform.
“Detecting suspicious access, privilege escalation or infrastructure configuration changes across thousands of identities in cloud platforms is manually impossible,” said Sivan Krigsman, Chief Product Officer for Ermetic.
“Our unique combination of advanced analytics and granular visibility into access, entitlements and infrastructure configuration changes allows us to identify, alert on and respond to anomalies in expected behavior with very few false positives.”
Since Ermetic provides unparalleled visibility into all identities, multicloud assets and network access, as well as entitlements, privileges and configurations, customers can benefit from anomaly detection policies for multiple categories of suspicious activity that require investigation, including:
- Unusual data access
- Unexpected modifications such as disabling audit and logging
- Network infrastructure changes like changing firewall rules
- Configuration changes that affect public exposure of assets
- Escalating privileges for users/roles/groups
- Unusual reconnaissance activity such as enumeration of storage contents, function code, or secret values
- Unauthorized use and theft of access keys