"Eyes without a face...got no human grace...you're eyes without a face…"
(Billy Idol)
This notorious song is a good metaphor for what enterprises are facing today: they are mostly clueless about Identity Threats. Identity Threat Detection and Response, or ITDR, is a crucial component of overall cybersecurity and Identity & Access Management (IAM) strategy. It focuses on detecting and responding to threats that target an organization's digital identities: both human identities and the growing number of system/machine accounts. ITDR augments IAM, adding Detect & Response capabilities to today's prevention-only IAM controls. ITDR can help to identify potential security breaches and take actions leveraging the IAM platform, such as blocking access to sensitive data, disabling compromised accounts, and reviewing access permissions based on risky situations.

An additional wave of security threats is coming from the 'Cloud'. In a world rapidly moving to 'born-for-the-cloud', microservices-based applications (e.g. Kubernetes), securing cloud workloads with Cloud Workload Protection Platforms (CWPP) is a growing security concern, as pre-cloud security products are unable to address the runtime DevOps security requirements.
Sharelock is uniquely positioned to combine ITDR and CWPP capabilities built on its behavioural anomaly detection platform. Sharelock foresees that correlating ITDR-detected and CWPP-detected threats will make threat detection far more accurate and help avoid false positives. Why? "People and Machine Identities use Applications and APIs; Applications & APIs shall predominantly run on microservices-based Cloud architecture." Our CWPP capabilities are detailed in a separate white paper. This white paper focuses only on the Sharelock ITDR module.