Sysdig has launched a new solution, Cloud Identity Insights, that will make it easier for companies to detect compromised identities so they can act faster to contain problems.
The company explained that according to a report from Verizon, almost 40% of data breaches are the result of compromised accounts. Therefore, suspicious user activity is often the first indicator of a data breach.
Cloud Identity Insights detects compromised identities by monitoring for that suspicious user activity, then, offering suggested containment actions, like password resets or user deactivation. By automatically detecting account takeovers, Sysdig enables security teams to act more quickly to shut down accounts before they can cause too much damage.
The solution also evaluates the permissions that were exploited by a compromised account during an attack, then highlights the riskiest roles and users so that security teams can act to prevent future breaches.
“Identity is the connective tissue between detection and prevention,” said Shantanu Gattani, vice president of product management at Sysdig. “Quarantining compromised identities is critical for both containing attacks in motion and stopping them in the future, but with a 240% upsurge in human and machine identities over the last year, understanding which identities are compromised is a challenge in and of itself. Identity abuse informs everything from an immediate and targeted threat response to a comprehensive and effective Zero Trust cloud strategy – that’s exactly where we enable security teams with Cloud Identity Insights.”