Our approach to Cloud Infrastructure Entitlement Management
Net-effective permissions
Gain comprehensive visibility into who can take what actions on which resources. CIEM is purpose-built to directly solve the challenges of managing permissions across AWS, Azure, and GCP. CloudDefense automatically calculates users' effective permissions across cloud service providers, detects overly permissive access, and suggests corrections to reach least privilege.
Manage multi-cloud entitlements from a single solution
Gain integrated multi-cloud capabilities delivered from CloudDefense that extend everything we do for Cloud Security Posture Management (CSPM) to cloud identities.
Implement pre-built policies
Leverage specialized out-of-the-box policies to detect risky permissions and remove unwanted access to cloud resources.
Audit permissions for internal compliance
Quickly audit cloud permissions with related user data, service data and cloud accounts.
Rightsizing permissions
Specialized out-of-the-box policies detect risky permissions and help remove unwanted access to cloud resources. Automatically detect overly permissive user access, and then leverage automated recommendations to rightsize it to achieve least-privileged access.
Detect overly permissive policies
Remove unwanted access to cloud resources by automatically detecting overly permissive access policies.
Implement pre-built policies
Use out-of-the-box policies to detect public access, use of wildcards, risky permissions and more.
Automated recommendations
Use automated recommendations to achieve least-privilege permissions.
IAM entitlement investigation
Query all relevant IAM entities, including all the relationships among different entities and their effective permissions across cloud environments. Understand which user can take what actions on which resources on which cloud. Turn queries into custom cloud-agnostic policies and define remediation steps as well as compliance implications.
Investigate IAM entitlements
See real-time and historical data to understand IAM activity and entitlements.
Query data to get the full picture of user activity
Gain a detailed view of suspicious activity as well as connected accounts and resources.
Query data specific to identity providers
Discover overly permissive roles of IdP users and correlate results with cloud identities, such as IAM users and machine identities.
IdP integration
Integrate with identity provider (IdP) services like Okta and Azure AD to ingest single sign-on (SSO) data. View effective permissions and overly permissive roles of IdP users, and correlate results with cloud identities, such as IAM users and machine identities.
Leverage integrated support for IdP Services
Ingest single sign-on (SSO) data for an effective permissions calculation and list the effective permissions of IdP users across multi-cloud accounts.
Turn queries into cloud-agnostic policies
Easily build custom guardrails for IdP users by turning RQL queries into IAM security policies with specific compliance and remediation implications.
Automated remediation
Automatically adjust permissions and continuously enforce least-privileged access. Send alert notifications to 14 third-party tools, including email, AWS Lambda and Security Hub, PagerDuty®, ServiceNow® and Slack®.
Activate automated remediation for over-privileged users
Get suggestions for ideal permission levels for any cloud user from CloudDefense.
Support for 14 common integrations
Seamlessly integrate CloudDefense alerting with your existing alert management tools with built-in support for 14 third-party tools.
Remediation playbooks
Leverage custom Cortex® XSOAR playbooks for CloudDefense and easily operationalize advanced security orchestration capabilities.