Stack Identity has unveiled the expansion of the Identity Access Risk Management Platform with identity threat detection and response (ITDR) to tackle shadow access and shadow identities.
Identity-centric attacks have exploded as the primary vector among cyberattacks, showcasing extreme gaps in traditional access management, IAM, IGA and identity provider platforms. Gartner predicts that by 2026, nine out of 10 businesses will use an embedded identity threat detection and response function from access management software as the first attempt to defend against such attacks.
Integrating ITDR is key in generating continuous, intelligent recommendations to support customers in making strategic decisions and remediate identity threats.
Stack Identity’s platform is powered by the industry’s first identity security data lake, which consolidates, correlates and contextualizes identity access risks and vulnerabilities across cloud and data estates. This allows enterprise customers to proactively assess, remediate and govern their identity and access risks, staunchly preventing unauthorized access, policy violations, incidents and data breaches.
“By leveraging the power of AI, our platform generates intelligent resolutions to effectively tackle identity access risks,” says Venkat Raghavan, CEO of Stack Identity. “We are committed to bridging the gaps in traditional IAM platforms that often overlook identity risks, which is why it is so important to expand our product to include identity threat detection and response.”
Stack Identity Access Risk Management Platform consists of:
Identity Threat Detection and Response (ITDR): ITDR continuously monitors identity threats across the enterprise population of identities for identity posture risks, account takeovers, insider threats and privileged access abuse. It lays out pathways by which identities can be exploited for ransomware and data exfiltration and detects identity threats targeted at enterprise assets – infrastructure, applications, cloud services, access management, IAM and IDP, databases, data platforms and software supply chains.
ITDR generates insights, recommendations and analytics to help decision workflows to prioritize, investigate, remediate and govern identity threats.
Cloud Identity Entitlements Management (CIEM): CIEM addresses the challenges of managing cloud permissions in today’s complex, multi-cloud and multi-SaaS landscape. With a foundation in the robust identity security platform, Stack Identity’s CIEM offers a unified platform for securing cloud environments by providing centralized visibility, granular access control, compliance support, risk reduction and automated workflows.
The solution aims to mitigate identity-related security incidents by up to 90%, improve operational efficiency by 50% and achieve 95% compliance with major security standards. Furthermore, it integrates seamlessly with Stack Identity’s ITDR and IGA solutions, offering a comprehensive defense against identity-based threats.
Identity and Access Governance (IGA): The IGA solution reshapes traditional practices, empowering managers with clear insights into user access. Real-time security measures proactively detect and address identity and access risks with automated workflows, ensuring continuous compliance and operational security. The Comprehensive Policy Catalog covers a range of risks from insider threats to privileged access abuse, our solution offers targeted access reviews for high-risk scenarios and user groups.
IGA streamlines workflows with automated notifications, recertifications, and SOC integration via Jira, Slack, PagerDuty and compatibility with SIEM and SOAR tools. Stack Identity’s IGA tool gains real-time data, knowledge and risk context, and continuously monitors, tracks and analyzes identity and access activities to databases in order to ensure integrity, confidentiality and security of valuable data.
“As identity threats surge, the prevalence of API applications introduces vulnerabilities like service accounts, API keys, tokens and secrets with perpetual access to sensitive assets. Stack Identity takes a bold step in tackling identity threat detection for this new attack vector,” says Al Ghous, CISO and investor. “The platform plays a pivotal role in filling significant gaps by providing profound visibility and robust lifecycle management for machine identities.”
“Identity threat detection and response is perhaps the most crucial gap in current identity and access solutions,” says Ken Foster, head of architecture at Adient. “While ITDR is a critical innovation, the key lies not just in technology, but in the intelligence that is available to make the best decisions with what is occurring in your business. Enterprises already have a myriad of tools to tell them how bad things are, but Stack Identity excels in constructing a reliable path to remediate and govern identity threats.”
from Help Net Security https://ift.tt/cwWoBXf
0 comments:
Post a Comment