Ermetic Cloud Security Platform

Additional Info

Company (that provides the nominated product / solution / service): Ermetic
Company size (employees): 10 to 49
Type of solution: Cloud/SaaS

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

- Ermetic addresses one of today’s top cloud security challenges by bringing order to the chaos created by the massive amounts of loosely implemented entitlements dynamically associated with people and machines in multi-cloud environments. Gartner estimates, “by 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020.” It was only this year that Gartner defined a market for CIEM, but Ermetic’s founders had identified the business need and founded the company in 2019 to fulfill this unmet need in cloud security. Ermetic is already growing rapidly, and the CIEM market is expected to grow exponentially over the next several years.

- Ermetic’s advanced CIEM technology, unique full-stack visibility and continuous lifecycle approach perform a deep, continuous assessment of cloud infrastructure entitlements that automates the discovery and control of complex access rights. The proprietary identity, access and entitlement management tools provided by each cloud service provider do not allow for least privilege enforcement, automated risk assessment, prioritization or remediation for multi-cloud environments at scale. Ermetic addresses gaps in other cloud security approaches like CASB, which doesn’t provide granular visibility and management of IAM/permissions at the user, application and resource level in cloud infrastructure environments; and CSPM, which focuses on policy compliance and violations but lacks the specialized analytics required to identify access risks and enforce least privilege.

- The Ermetic platform automates the discovery of identities and entitlements across multi-cloud environments, including third party access and federated users, to provide full-spectrum visibility, anomaly detection, least privilege enforcement and risk remediation at scale. It eliminates the risk of misconfigured entitlements in cloud infrastructures without sacrificing cost, agility, speed and scale. Ermetic ensures that developers, IT, security and DevOps can securely access public cloud infrastructures with only the entitlements required

Brief Overview

The COVID-19 pandemic has accelerated the move to the cloud, where identity is a security perimeter. This has made managing cloud infrastructure entitlements more critical than ever before. Previously, the only way to manage access permissions was manually, using limited-functionality service provider tools proprietary to each cloud platform. On average, enterprises use more than one cloud platform, so enabled permissions can extend into the millions, with up to 90% being risky, unused and excessive. Just one misconfigured cloud entitlement can bring down an entire application or lead to a devastating breach. In AWS alone, there are 2500+ permission settings for users, devices, applications and services, making it virtually impossible to assess the risks manually.

This year, Gartner introduced a cloud security category called Cloud Infrastructure Entitlement Management (CIEM) to describe a new approach for managing access and enforcing least privilege in the public cloud. Ermetic is a pioneer of CIEM technology that governs identities and access entitlements and enforces least-privilege access policies across multiple cloud provider platforms.

The Ermetic Cloud Security Platform automates the detection and remediation of dangerous or excessive permissions in the cloud that should be modified or revoked. It centralizes the enforcement of least-privilege policies on a continuous basis across multi-cloud infrastructures including Amazon, Google and Microsoft.

Ermetic’s disruptive CIEM technology addresses the complexity and sheer magnitude of cloud infrastructure entitlement management. It automatically discovers and analyzes all human and machine identities and entitlements in AWS, Azure, and Google Cloud. It is the first cloud-native security solution to provide full-stack insight into access entitlements across IAM policies, network configurations, storage and secrets assets. Ermetic’s unique, contextual capabilities expose overprivileged, unused and risky entitlements, and enforce least privilege access in multi-cloud environments.