Authomize expands REST API framework to provide in-depth visibility into the IAM permission models

Authomize has expanded its REST API framework that enables customers to easily build their own custom connectors to their cloud and homegrown applications and services in as little as a couple of hours.

Authomize’s Software-as-a-Service (SaaS) solution enables organizations to automatically secure access privileges across their entire cloud stack, including IaaS, SaaS, and IAM solutions.

Utilizing native connectors, REST APIs, SCIM connectors, and a file uploader, Authomize can ingest, normalize, and analyze identity and access data from any cloud, on-prem, or homegrown application or service.

Building on this data, Authomize can gain deep insights into the effective access paths that would otherwise be obscured by the mass of multiple IAM structures and multi-cloud, siloed environments.

Now Authomize is releasing a new version of its API to empower customers to connect more of their applications and services with the same granularity and coverage as the native connectors.

“Authomize’s exceedingly granular connectors allow us to provide in-depth visibility into the most complex IAM permission models, including users, groups, roles, access privileges, assets, and activity,” says Guy Katzir, Authomize’s Head of Product, adding that, “Our ability to map and understand the hierarchy structures within assets and groups gives customers the fine grained insights they need to apply the most effective identities and access security controls and perform the most thorough incidents investigations.”

“We are already seeing customers using the REST API to build integrations to Coupa, Workday, Zuora, Chef, NetSuite, and more,” he says, “They are using these connectors to get the same high level of IAM permission modeling and depth of visibility value that we provide for our native connectors. Our new framework enables them to perform all functions they look to Authomize for, from running accurate streamlined User Access Reviews to enforcing security policies with continuous monitoring.”

Using the new REST API, organizations can integrate Authomize with their entire security stack, including leading SIEMs, SOARs, and ITSMs.

Along with the recently released APIs, users can utilize new webhook functionalities to automate the revocation of access privileges directly through their Okta, send alerts to security orchestration tools such as Microsoft Sentinel, and open tickets in ServiceNow and Jira, adding value to the rest of their tooling ecosystem from Authomize’s identity and access data enrichment.

“Customers can now create bi-directional integrations that allow them to not only send tickets or alerts, but also receive updates on incidents to provide an end-to-end workflow and verify remediation,” says Katzir.

As part of the expansion of integrations, Authomize has added Identity Providers (IdPs) OneLogin and JumpCloud, as well as Bamboo HR and Delinea’s Secret Server that will allow them for tracking users between Secret Server and AWS, helping customers to identify stale accounts and secrets.

Authomize customers can expect to see additional support for key applications and services that they build, own, and use in their cloud. This is likely to include a continued focus on expanding Cloud Infrastructure Entitlement Management (CIEM) and Identity Threat Detection and Response (ITDR) capabilities to secure access privileges for customers’ continuous development pipeline.

More about

Don't miss