Bridging the NHI security gap: Astrix and Torq partner up
2024-5-22 14:19:51 Author: securityboulevard.com(查看原文) 阅读量:5 收藏

While zero-trust policies and identity-centric programs excel at protecting user identities and login credentials with IAM policies and security tools like MFA or IP restrictions, non-human identities (NHIs) like API keys, OAuth apps, service accounts, and secrets often lack visibility, monitoring, and governance. This gap has not gone unnoticed by attackers.

Astrix Security stepped in as the first solution to fill this gap, and we are thrilled to announce our partnership with Torq, making it easier than ever to manage, secure, and remediate NHI risks seamlessly within your SOC automation processes.

Simplifying NHI security with Astrix and Torq

By integrating Torq with Astrix, security teams can automate identifying and responding to anomalies, excessive permissions, unused credentials, and non-rotated non-human identities through streamlined workflows. This integration helps eliminate silos, allowing teams to operationalize Astrix effortlessly within their existing Torq setup.

Automated response and remediation

Astrix brings behavioral analysis, typically used for human identities, to non-human identities – enabling real-time detection of unusual activities. To that extent, Torq allows customers to respond automatically using remediation playbooks driven by preset logic, allowing immediate threat responses without switching between different tools.

Posture management and risky integrations

Unused permissions, risky connections, and unrotated tokens increase your NHI attack surface. Using Astrix and Torq, customers can customize rules to detect unused, overly permissive, and malicious NHI access. These rules are converted into automated playbooks through Torq, ensuring continuous reduction of attack surfaces by removing risky access and non-rotated tokens.

Enhanced change management

Astrix and Torq enhance change management for non-human identities by automating data flows and remediation tasks. When Astrix detects a high-risk NHI event, it feeds this information into Torq, which then creates a ticket in workflow management systems like Jira or ServiceNow. Torq’s automation capabilities then trigger specific playbooks to handle these changes, such as decommissioning NHIs. This automation minimizes manual intervention, ensuring swift and accurate updates and reducing potential errors.

Enter the era of security hyper-automation

The integration of Astrix and Torq transforms how security teams manage non-human identities. This partnership simplifies complex processes and reduces the burden on security teams by automating the detection and response to unusual activities and poorly managed permissions.
Ready to see it in action? Request a demo.

The post Bridging the NHI security gap: Astrix and Torq partner up appeared first on Astrix Security.

*** This is a Security Bloggers Network syndicated blog from Astrix Security authored by Danielle Guetta. Read the original post at: https://astrix.security/bridging-the-nhi-security-gap-astrix-and-torq-partner-up/


文章来源: https://securityboulevard.com/2024/05/bridging-the-nhi-security-gap-astrix-and-torq-partner-up/
如有侵权请联系:admin#unsafe.sh