Veza, the identity security company, announced the launch of an integration between the Veza Access Control Platform and the CrowdStrike Falcon® platform. The integration brings risk scores and severities generated by CrowdStrike Falcon Identity Threat Protection, a module of the Falcon platform which detects and stops identity driven breaches in real-time, into Veza, to quickly identify, manage, and restrict access to critical applications, systems and data in the event of an identity-based threat.
According to Gartner, “Conventional identity and access management (IAM) and security preventive controls are insufficient to protect identity systems from attack. To enhance cyberattack preparedness, security and risk management leaders must add identity threat detection and response (ITDR) capabilities to their security infrastructure.” Whether an attack comes in the form of ransomware, insider attacks, or credential theft, security teams must quickly identify the sensitive data that attackers could potentially access, edit, and delete. With traditional IAM and Identity Governance and Administration (IGA) tools, the process of understanding who has access to what, and who can take what action on what data can take days or weeks. Organizations struggle to visualize identity and associated access permissions across enterprise resources (SaaS apps, databases, data lakes, and cloud services).
Veza’s integration with CrowdStrike provides a modern approach to ITDR by consolidating access to permissions to accelerate identity-based threat investigation and containment. When a user is compromised, their account access is revoked. When CrowdStrike detects a compromised identity, Veza accelerates containment and mitigation by triggering an automated access and certification review for the compromised identity. Identity access to all cloud services and on-premise custom apps, SaaS apps, and data systems can be identified and removed within minutes.
Also Read: CrowdStrike Ranked #3 in 2023 Fortune Future 50 List.
“CISOs and CIOs face unprecedented challenges with highly sensitive data distributed across hundreds of cloud services and on-premise systems that thousands of users and machine identities can access. When you’re dealing with a potential breach, it’s mission-critical to understand identity access immediately,” said Tarun Thakur, Co-Founder and CEO at Veza. “Veza gives security and identity teams complete control of all identities and permissions at the most granular level across SaaS apps, on-premise apps, custom-built apps, databases, and cloud infrastructure. We’re excited to integrate with CrowdStrike, the leading AI-native cybersecurity platform, arming customers with the intelligence they need to stop breaches.”
Key benefits include the ability to:
- Determine the blast radius from a compromised user or a compromised machine identity.
- Veza instantly helps visualize effective permissions of a compromised user identified by CrowdStrike Falcon Identity Protection across cloud and on-premise applications (i.e. Snowflake tables, GitHub repositories, CRM applications such as Salesforce).
- Visualize permissions and conduct automated access reviews and certifications to quickly mitigate impact by a compromised user or a machine identity.
- Prioritize threat response based on user access.
- Use the Veza Authorization Graph to prioritize remediation for users with the most access to sensitive data.
- Streamline remediation and minimize the attack surface to prevent breaches of sensitive data.
- Conduct micro-certification and just-in-time access reviews.
- Modernize identity access and identity governance processes by immediately reviewing at-risk access from CrowdStrike’s identity-based risk scores.
- Improve security posture and prevent risk exposure without waiting for the next full access review.
SOURCE: BusinessWire