Entro Streamlines Machine Identity Life Cycle Management
Entro has added a life cycle management capability to its namesake platform for discovering and managing machine identities.
In addition, the company has added integration with CIFS/SMB File Shares and Microsoft SharePoint to make it simpler to scan documents for secrets.
Entro Security CEO Itzik Alvas said these integrations are the latest in a series that makes it simpler to manage machine identities within the context of, for example, a DevSecOps workflow that can be used to ensure software is not being deployed on a machine where secrets have been exposed.
Identity management is, of course, core to any zero-trust IT initiative, but too many organizations are solely focused on end-user identities. Organizations need to also assign identities to machines to, for example, implement multifactor authentication (MFA). Managing all those machine identities requires a platform capable of keeping track of them as new machines are provisioned or decommissioned, noted Alvas.
Historically, cybersecurity teams would run scans to determine what machine identities exist and then compare them to those listed in a vault. Entro Security enables cybersecurity teams to employ machine learning algorithms to continuously scan for any abnormal behavior to ensure any system connected to the IT environment is authorized, said Alvas.
In addition to discovering any machine identity secrets that might have been inadvertently exposed, the life cycle management capability added to the platform now makes it simpler to visualize the relationship between all those machine identities that exist in an IT environment, he added.
It’s not clear to what degree cybersecurity teams are tracking machine identities alongside the identities of end users along with the identities of the individual software components that make up a software supply chain. However, as cybersecurity regulations become more stringent, the ability to manage identities at a more granular level is going to be required, especially as more platforms are added to IT environments in the age of the internet-of-things (IoT).
The challenge is that most cybersecurity teams currently lack the tools needed to manage anything beyond the identities of end users, and even that is implemented unevenly at best.
Hopefully, as security and IT operations become more unified, the management of identities will converge. After all, zero-trust IT ultimately requires organizations to be able to correlate the identify of end user to both the hardware employed and the software an end user might be allowed to access based on their role in the organization. In the absence of that capability, it simply becomes too easy for cybercriminals to steal credentials that they eventually use to gain unfettered access to IT environments by escalating privileges after they gain initial access.
Each organization will naturally need to determine how best to implement zero-trust IT based on the level of risk they face. However, it’s exceedingly difficult to determine the level of risk without knowing what secrets are exposed. The trouble is there are already so many secrets regularly exposed that it’s nearly impossible to track them all without some help from machine learning algorithms and other forms of artificial intelligence (AI).
