Sym launches dynamic authorization platform to tackle pressing security issues

Sym has launched a platform for dynamic authorization. Their secure access platform builds on their Slack app and SDK which was designed for platform engineers and practitioners.

Now, with the launch of Sym’s platform, security teams can manage dynamic authorization across their entire organization, incorporating governance, audit, and administration.

Secure access management is at the top of the list for many security leaders – and for good reason. In 2023, the average total cost of a data breach in the United States reached a record high of $9.48 million, according to IBM, with 49% of all breaches involving stolen credentials according to a Verizon report.

Sym’s dynamic authorization platform extends Sym’s surface area to combat attacks that exploit messy credentials and leaky access. To do that, Sym helps teams craft custom rules for temporary, auditable access that slot into existing infrastructure – offloading the manual work of access request routing and eliminating overly-provisioned access from human error.

But Sym’s reach extends beyond surface-level defense. Designed as a purpose-built workflow engine for access management, Sym moves a step beyond SSO and birthright access to solve the everyday access needs of modern organizations. Sym’s dynamic authorization platform fills the gap that exists between disparate teams, tools, and approval processes – a friction that often underlies access risks.

“Using Sym to implement just-in-time access for us is great. Not having engineers that have stagnant or over privileged AWS policies assigned within their accounts or different environments 24×7 makes me sleep a little bit better at night,” said Justin Hadley, Director of Information Security at Orum.

The introduction of Sym’s dynamic authorization platform introduces governance controls, adaptive rules, and security integrations that allow teams a frictionless path to implement enterprise-grade security. Specifically, Sym’s launch of a web-based application, changes to their SDK, and partnerships with AWS, Vanta, Datadog, and Hashicorp make Sym a standout tool for establishing Zero Trust.

Among the improvements that come with Sym’s dynamic authorization platform, there are a few feature highlights:

Web application for centralized access management and audit: Sym’s web application allows security & IT teams to view, manage, and report on access requests from one centralized location. The webapp simplifies the approval process and provides a single source of truth for org-wide access – paving the way for straightforward access controls and fast audits.

Intelligent, context-based access controls: Sym’s laser focus on context-driven access decisions shows through in their latest SDK features.

  • Historical context allows you to use historical event data to inform runtime decisions, making your access decisions faster and more intelligent.
  • Dynamic targets for AWS SSO – Sym’s deep AWS IAM Identity Center Integration means that implementers can configure temporary access flows per organizational unit, minimizing maintenance overhead for teams with dynamic AWS account provisioning.

Deep security partnerships and integrations: Over the last few months, Sym has built partnerships with AWS, Hashicorp, Vanta, and Datadog. A few of Sym’s recent integrations include:

  • AWS – Sym is now available via the AWS Marketplace, simplifying purchasing flow and complementing our existing AWS IAM Identity Center and AWS Kinesis integrations.
  • Datadog – The company’s native Datadog integration includes built-in facets, attribute mappings, and an out-of-the-box dashboard to simplify reporting and analysis with Sym administrators.
  • Jira – Integrate business context from Jira into flows, automating your access management ticket queue.
  • Hashicorp Boundary – Add context-based temporary access to the remote hosts and infrastructure endpoints with the company’s HCP Boundary integration.
  • Vanta – Automate the entitlements review process by syncing Sym users to Vanta.
  • KnowBe4 – check user training enrollments, pass/fail status, and group membership. Use this information to route requests and grant or deny access dynamically.

Sym’s dynamic authorization platform provides a critical, programmable connection between disparate elements of your infrastructure and security stack, filling a critical gap in existing IGA and CIEM solutions. The extensibility of the platform combined with the context-driven approach to access ensures teams can tackle pressing security issues faster, and with more scrutiny than ever before.

OPIS

Subscribe to the Help Net Security breaking news e-mail alerts:

OPIS
More about

Don't miss