Mastering Least Privilege Access: The Art of Rightsizing Policies [NA]

Logo
Presented by

Cathal O'Neill Director - Software Engineering at Rapid7, Tyler Terenzoni Manager - Product Management at Rapid7

About this talk

The massive scale of cloud environments leads to teams potentially managing millions of distinct identities at any given time across their organization. As a result, security teams often struggle to implement and manage access policies that balance the integrity and security of their organization’s network, users and data with the efficiency and effectiveness of their counterparts in the development and DevOps teams. Ideally, teams work to enforce least privilege access (LPA) strategies that focus on limiting access and privileges to only those that a given user, resource or service needs to do their respective work - and nothing more than that - but this can often be easier said than done. Join Rapid7's Cathal O’Neill and Tyler Terenzoni, where they’ll discuss the challenges that lead to excessive permissions and showcase how Rapid7 InsightCloudSec can help: - Identify key identity-related risk signals in real time across all your cloud environments. - Uncover toxic combinations that increase risk associated with a given identity. - Narrow the scope of investigation to prioritize remediation efforts based on likelihood of exploitation and potential impact. - Continuously review permission usage and intelligently recommend remediation policies to enforce LPA based insight into unused permissions and/or anomalous activity.

Related topics:

More from this channel

Upcoming talks (11)
On-demand talks (550)
Subscribers (45194)
Rapid7 is creating a more secure digital future for all by helping organizations strengthen their security programs in the face of accelerating digital transformation. Our portfolio of best-in-class solutions empowers security professionals to manage risk and eliminate threats across the entire threat landscape from apps to the cloud to traditional infrastructure to the dark web. We foster open source communities and cutting-edge research–using these insights to optimize our products and arm the global security community with the latest in attackers methods. Trusted by more than 10,000 customers worldwide, our industry-leading solutions and services help businesses stay ahead of attackers, ahead of the competition, and future-ready for what’s next.