Based on continuous monitoring of cloud access, companies can enforce least privilege principles by identifying and removing unnecessary cloud permissions that inevitably carry high security risks.

The CyberArk Cloud Entitlements Manager is a key component of CyberArk's identity security strategy. It is based on a zero-trust model and artificial intelligence to use contextual information to correctly assess risks and take appropriate action. As all identities can be privileged under certain conditions, traditional approaches to managing and securing identities are no longer sufficient. This applies in particular to the cloud, where identities and their authorizations are added or changed with great dynamism.

In less than an hour, the CyberArk Cloud Entitlements Manager can be configured, perform a risk assessment and trigger targeted remediation actions. The cloud provider-agnostic service then continuously detects hidden, misconfigured and unused cloud entitlements. On this basis, a company can establish a consistent least-privilege principle for cloud usage and thus significantly improve security.

Users of the CyberArk Cloud Entitlements Manager in the Cloud, Security and Identity and Access Management departments benefit from a simple and intuitive user interface. For example, it includes a central dashboard with a complete overview of authorizations across Amazon Web Services (AWS), Amazon Elastic Kubernetes Service (Amazon EKS), Google Cloud Platform (GCP) and Microsoft Azure environments.

"Cloud usage is increasing across the board and with the introduction of new environments and cloud services, thousands of identity-based entitlements are being generated, many of which are barely considered or monitored," explains Michael Kleist, Regional Director DACH at CyberArk. "If such entitlements are not properly configured or managed, they allow attackers to gain privileged access and ultimately compromise an entire cloud environment. CyberArk Cloud Entitlements Manager helps organizations take back control of cloud security by changing the way these entitlements are secured and managed without compromising operational efficiency."

With the new Cloud Entitlements Manager, CyberArk addresses the risks posed by the increasing use of cloud services. According to a recent survey by the analyst firm Enterprise Strategy Group, accounts and roles with too many authorizations are among the most common misconfigurations of cloud services. In addition, most cyber attacks on cloud applications and services in the last twelve months were due to the misuse of these unnecessary privileges.