At RSA Conference 2023, Uptycs unveiled the ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure AD to reveal suspicious behavior as the developer moves code in and out of repositories and into production.
The result is an early warning system that allows security teams to identify and stop threat actors before they can access data and services in the cloud.
Uptycs customers can track and analyze malicious activity across multiple attack surfaces from a single UI, including endpoints, cloud, containers, control plane for cloud and Kubernetes, and now code repositories like GitHub and identity providers like Okta and Azure AD.
Support for identity providers gives Uptycs the ability to tie together developer activity from their logged-in accounts, from their laptops, and into the cloud. These added capabilities improve threat detection and response, especially for security analysts investigating the severity and scope of an alert for incident response.
According to Gartner, “The attack surface of cloud-native applications is increasing. Attackers are targeting the misconfiguration of cloud infrastructure (network, compute, storage, identities and permissions), APIs and the software supply chain itself. Moreover, cybersecurity attackers frequently steal credentials from developers and engineers that have access to important backend resources.”
Unlike siloed endpoint and cloud security solutions, Uptycs protects the entire arc of cloud-native application development, from the developer’s laptop to container runtime.
With Uptycs, customers can reduce risk and prioritize responses to threats, vulnerabilities, and misconfigurations, as well as meet compliance mandates—all from a single UI and data model.
“Recent high-profile data breaches, such as LastPass and CircleCI, highlight the need to detect threat actors earlier in the kill chain before they move from a developer’s laptop into crown jewel data and services. This means giving security teams the ability to track threat activity across developer machines, source code repositories, identity providers, and cloud infrastructure,” said Ganesh Pai, CEO of Uptycs.
“Uptycs customers don’t have to choose between shifting left or right. They can shift up for unified security visibility and control over their modern attack surface—from laptop to cloud,” Pai concluded.