Opal Security this week updated its privilege posture management platform to provide the ability to detect irregular access to an IT environment and manage privileges by groups.
In addition, the Opal platform is now natively integrated with the Snowflake cloud platform which has recently been the focal point of a series of high-profile data breaches involving access management issues. The Opal Security platform provides the ability to see and modify which users have access to Snowflake Roles and Securable Objects so that teams can manage access and privileges to a granular level.
Opal Security CEO Umaimah Khan said these additions to a platform that leverages machine learning algorithms are to enable organizations to reduce over-provisioning of IT resources, which is often at the heart of many cybersecurity incidents.
The core issue is that far too many organizations grant access privileges too broadly to employees because it’s not possible to manage this process proactively. Organizations are, in effect, granting access privileges on a just-in-case basis rather than as needed, said Khan.
Additionally, access privileges are typically granted by business units that don’t always remember to rescind them once an employee changes roles or leaves the organization. The Opal Security platform employs machine learning algorithms to identify usage behavior patterns, that can then be used to continuously calibrate which privileges have been granted to IT environments that are no longer required. In far too many environments, end users for the sake of convenience have often developed multiple “back alley” methods for accessing applications that once discovered cybercriminals are only too happy to exploit, noted Khan.
That capability also provides organizations with an auditing capability that helps reduce the cost of compliance reviews, she added.
Cybercriminals have been sending waves of phishing attacks to compromise credentials with one primary goal. They hope that stolen credentials will not only provide them access to multiple applications but also escalate access to other IT environments by being granted additional privileges. Known as privilege escalation, these types of attacks can be crippling when organizations discover, for example, that malware has been distributed across multiple application environments.
The Opal Security platform effectively makes it possible for organizations to reduce the blast radius of these types of attacks by ensuring access privileges are tightly controlled, said Khan.
As organizations embrace zero-trust IT initiatives to improve cybersecurity, many of those investments are squarely focused on identity management. That has led to significant adoption of multifactor authentication to prevent unauthorized access, but cybercriminals only need to compromise one set of credentials to potentially wreak havoc. The more privileges those credentials grant the more lethal the cyberattack becomes.
Ultimately, cybersecurity teams need to have a long overdue conversation with business leaders about how privileges are granted and, just as importantly, revoked. In the meantime, however, machine learning algorithms can provide cybersecurity teams with some insights into the scope of an issue that in the wake of a cybersecurity breach is quickly identified as one of the root causes of the cybersecurity ills that plague organizations today.
Recent Articles By Author