Ermetic announced a new version of the Ermetic Platform that combines cloud infrastructure entitlement management (CIEM) and cloud security posture management (CSPM) in one unified, identity-first product.
Customers can now use Ermetic to automate and centralize the detection and remediation of security risks associated with over privileged identities as well as misconfigurations that can expose cloud assets to data breaches.
A recent IDC survey found that 98% of organizations experienced a cloud data breach in the past 18 months, compared to 79% last year. Attackers typically compromise both cloud misconfigurations (i.e. databases exposed to the internet) and excessive access permissions to carry out ransomware campaigns and exfiltrate data.
Combining CIEM and CSPM provides 365 degree context to automate the detection and remediation of cloud security risks. For example, understanding whether a sensitive data store is vulnerable to attack requires a holistic assessment of its access permissions, resource configuration and network configuration.
“Since the Ermetic Platform has deep visibility into all cloud resources to determine identity and permissions risk, we already provide many native CSPM capabilities,” said Shai Morag, CEO of Ermetic. “Our identity-first approach addresses the most difficult cloud security challenges, so extending our platform with CSPM for compliance, reporting and governance was a natural and easy next step.”
End-to-end, identity-first cloud security
The integration of CIEM and CSPM addresses two key elements of cloud security: the detection and visualizing of attack vectors in cloud configuration and access permissions, and full stack visibility into identity entitlements and resource settings to understand and manage cloud risk. The Ermetic Platform combines the following complete set of capabilities in one unified product:
CIEM – Full Lifecycle Identity Governance
- Governance of all human and service identities according to industry best practices and custom policies throughout the identity lifecycle
- Full-stack analysis and visualization of permissions and effective access
- Prioritization of risks according to full posture analysis
- Automatic remediation through a variety of workflows and integrations
- Overprovisioning alerts to enable Shift Left for DevOps and SRE teams
- Anomaly detection based on behavioral analysis
CSPM – Cloud Resource Configuration Management
- Asset inventory management
- Resource configuration analysis
- Network visualization and exposure
- Compliance audit and reporting
- Activity audit and investigation
The Ermetic Platform with integrated CIEM and CSPM capabilities is available immediately from Ermetic and its business partners worldwide. There is no additional cost for the new CSPM features.