Nearly every organization struggles to monitor service accounts, tokens, APIs, and access keys. accounts that are scattered throughout its environment. Modern applications rely on APIs to bring in data and also to make data available to other services and applications. Developers relying on service accounts to authenticate applications with various services need to store them securely and monitor how the accounts are being used.This is the problem Anetac, coming out of stealth May 6, hopes to solve with its dynamic security and identity management platform for hybrid environments. Anetac aims to protect service accounts so that attackers can’t use them to breach organizations. The streaming identity platform continuously discovers and monitors non-human and shared-use service accounts and allows security teams to identify and respond to incidents involving abused accounts. The Anetac Dynamic Identity and Security Platform maps access chains and relies on behavioral analysis to detect unusual activity.Service accounts typically outnumber user accounts by “30-45 times,” Anetac said in its release. And issues such as large standing privileges, accounts being shared across multiple teams, credentials not being rotated regularly, and dormant accounts are all common challenges. A retail organization deploying the Anetac’s technology discovered that 20% of provisioned accounts had never been used, 55% of all accounts were disabled, and 30% had passwords that were over a year old, Anetac said in the release. The platform also found hundreds of passwords that had been unchanged for more than five years.As part of the launch, Anetac also raised $16 million in funding from Liberty Global, Shield Capital, and GP Ventures. Anetac is working with organizations in a variety of industries, including airlines, banking institutions, educational centers, and mining. Anetac’s co-founders, Tim Eades, Yi Sun, Meng Xu, Megan Withycombe, Colin Ross, and Diana Nicholas, all previously held senior roles in vArmour. Eades was previously CEO of Armour, as well as of Silver Tail Systems (acquired by EMC in 2012).
Source link
Anetac Targets Service Account Security
Related Posts
First Israel’s Exploding Pagers Maimed and Killed. Now Comes the Paranoia
“They don’t trust their smartphones, so they reach back to these more archaic devices, and those blow up. What’s next?” says Schneier. “Everything becomes less efficient, because they can’t communicate…
Clever ‘GitHub Scanner’ campaign abusing repos to push malware
A clever threat campaign is abusing GitHub repositories to distribute the Lumma Stealer password-stealing malware targeting users who frequent an open source project repository or are subscribed to email notifications from…