A: Cloud Infrastructure Entitlements Management (CIEM), helps organizations adopt a zero trust model for Identity and Access Management (IAM) for cloud infrastructure. It provides visibility into all access risks, as well as the ability to remediate quickly.

A:

• Deep visibility - Discover who (what entitlements) should have access to what (what resources) in the cloud environment.
• Enforcement of least-privilege access - Eliminate excessive permissions with automatically generated optimized policies based on analyzing what entitlements are granted versus what is actually used.
• Facilitate audits of access controls - Perform access reviews to evaluate active and inactive user permissions and activity.

A:

• Inactive identities - Human or non-human users with permissions and access to cloud resources that have not been utilized.
• Super identities - Identities that have been granted a super admin role. These users have unlimited permissions and unrestricted access to all the cloud resources.
• Overprivileged identities - These are the most common hidden risks to cloud infrastructure. These would be identities with significantly more privileges and access than are required to do their day-to-day job.

A: Cloud Infrastructure Entitlement Management (CIEM) solves security risks associated with inactive, overprivileged accounts, super-identities and access across the cloud stack. CSPM addresses compliance, including workloads, infrastructure configuration changes and management. Both capabilities are important to have as part of your cloud security platform.