Ermetic announced new capabilities that enable organizations to define and automatically know when their custom security policies are violated in multi-cloud infrastructures. By providing the ability to create unique policies that govern sensitive resources, Ermetic allows organizations to enforce their own security standards and receive alerts when unauthorized activity occurs and unintended changes are made to entitlements.

A recent IDC survey found that 98% of organizations experienced a cloud data breach in the past 18 months, compared to 79% last year, and that nearly 60% of organizations consider lack of visibility as well as inadequate identity and access management a major threat to their cloud infrastructure. Ermetic's new customizable identity governance templates make it possible to govern identities and entitlements based on the specific needs of an organization, while supplementing compliance with standards frameworks including CIS, ISO and more.

"The sheer volume of entitlements in a typical enterprise's cloud infrastructure makes the manual monitoring and management of risky activity and configuration changes impossible," said Sivan Krigsman, Chief Product Officer for Ermetic. "Our new governance capabilities use programmatic automation to expose behavior and policy modifications that require immediate attention or investigation, without creating a flood of unnecessary alerts."

Comprehensive Identity Governance     
Ermetic now makes it possible to define alerts for specific policy violations that affect sensitive users or resources, such as unauthorized configuration changes or activity. Some of the core capabilities of Ermetic's cloud identity governance framework include monitoring:

• Permissions for unnecessary privileges and access rights 
• Activity for policy violations around specified resources or identities
• Resources for unauthorized configuration changes to security groups, public access settings on a bucket, etc.
• Network permissions for risky settings such as unwanted inbound connections

Some of the top identity governance use cases supported by Ermetic include:

• Identify and generate alerts when sensitive permissions are extended to unauthorized users/groups
• Detect and notify when unauthorized users/groups are assigned access permissions to sensitive resources
• Designate virtual public clouds (VPC) that should never have an internet gateway attached to them, or  subnets that should not allow inbound internet connections and alert on violations.

Availability
The Ermetic Cloud Security Platform with the new identity governance capabilities is available immediately from Ermetic and its business partners worldwide.