Ermetic Cloud Infrastructure Security Platform

Additional Info

Company size (employees)100 to 499
Type of solutionCloud/SaaS


Businesses using the public cloud (AWS, Azure, Google Cloud) typically underestimate the security risks from excessive permissions and privileges extended to human and machine identities that have access to sensitive company resources. AWS alone has 2500+ permission settings for users, applications and services. An average company has thousands of human and service identities and millions of attached entitlements and configurations that determine access to compute resources and data. Just one misconfiguration can take down an application or lead to a devastating breach.

Analyst firm Gartner estimates that “by 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020.” IDC recently found that 98% of organizations experienced a cloud data breach, up from 79% a year ago. Attackers target both cloud misconfigurations (i.e. databases exposed to the internet) and excessive access permissions to launch ransomware, compromise systems and exfiltrate data.

Ermetic has developed the first cloud-native CIEM platform that reduces identity and access risks across single and multi-cloud infrastructures by automating the detection and remediation of excessive and high risk privileges on a continuous basis. The Ermetic SaaS platform continuously examines identity and access management policies plus the configuration of network, storage and secrets assets to accurately assess risks, eliminate attack surface blind spots and automate remediation of excess entitlements and response to suspicious access. Ermetic provides comprehensive cloud security for AWS, Azure and GCP that uniquely spans both CIEM and cloud security posture management (CSPM). The platform is SOC 2 Type II certified, ensuring it meets and exceeds the strictest industry standards for security, availability and confidentiality.

No other CIEM solution reduces the cyber attack surface at scale across single and multi-cloud infrastructures with full stack visibility and control over multi-cloud infrastructure entitlements.

How we are different

Ermetic has developed CIEM technology that enables enterprises to finally address the sheer magnitude and complexity of managing the thousands of identities and millions of entitlements and configurations that determine access to enterprise compute resources and data in the cloud. Ermetic automatically discovers all human and service identities in AWS, Azure, and Google Cloud, and analyzes their entitlements using a continuous lifecycle approach. Ermetic identifies and prioritizes the privileges that pose a security threat, generates and automatically implements optimized policies, and monitors activity to detect changes and orchestrate the remediation of new threats. Ermetic automates the continuous analysis and assessment of all of the complex sets of variables across thousands of identities and millions of entitlements at scale, places entitlements into context, determines and prioritizes the risk and provides automatic remediation.

Ermetic pioneered CIEM technology that enables customers to reduce their cyber attack surface across single and multi-cloud infrastructures, detect back doors and unauthorized access, prevent lateral movement, protect sensitive resources and data, prevent insider errors and threats, identify behavioral anomalies, audit third party access, govern administrator and developer privileged access, and more. Taking an identity-first approach to cloud infrastructure security, Ermetic uniquely combines CIEM with CSPM and uses this full stack visibility and highly contextual data to accurately assess risks and automate the elimination of attack surface blind spots, the remediation of excess entitlements and response to suspicious access. This allows Ermetic to reduce an enterprise’s cyber attack surface at scale across entire single and multi-cloud infrastructures, which no other solution can accomplish.

Ermetic has a rapidly growing global customer base that includes Tyler technologies, IronSource, airSlate, Symphony Talent, ,Beth Israel Lahey Health, , AppsFlyer, Sunday Sky, Latch, Riskified, Aidoc, IntelyCare, Wex Inc. (NYSE: WEX) and more. For more information on how Ermetic helps customers, visit