Detect risky identities & privileges, respond to cloud threats, & maintain unified controls across cloud, SaaS, & IDaaS

Safely Onboard Users

Identify the minimal access privileges needed for users to do their jobs.

Monitor Identity Usage

  • Apply out-of-the-box security policies
    Monitor risky configuration & data exposure changes, & deviations from service best practices.
  • Monitor risky action by admins
    Track enrollment of new admins, admin account changes, & SoD violations by admins.
  • Monitor all types of identities
    Including human & non-human identities like apps & tokens.
  • Classify sensitive files and monitor how they are being shared. Apply enhanced monitoring to external users, data oversharing, & sharing of data with external contractors.

Enforce Least-Privilege Access

  • Detect stale identities
    Remove unused admin accounts, stale privileged users, & terminated external contractors.
  • Right-size over-privileged entitlements and risky permissions
    Grant only the exact access needed.

Detect & Respond to Threats

  • Prioritize and contextualize alerts
    Reduce alert fatigue & investigation times.
  • Identify account takeover indicators
    e.g suspicious IP addresses, rare countries, impossible travelers, & excessive usage.
  • Alert on insider threats using built-in rules
    Sharing data with personal accounts, & mass download of corporate resources.
  • Detect breach indicators
    Changes to admin accounts, deactivation of updates, deletion of logs & audit trails, & encryption of buckets.

Safely Offboard Users

  • Uncover stale vendors
    Vendors & contractors who have been terminated or otherwise don’t use their access.
  • Identify unmanaged local users
    i.e. not managed by your identity provider.
  • Fully offboard users
    Make sure employees & vendors don’t have access to any of your cloud services after they leave.
  • Detect, fix, and verify off-boarding gaps