Sysdig Addresses Risk of Excessive Permissions with Cloud Infrastructure Entitlements Management

OCTOBER 27, 2021


Nearly 80% of users have overly permissive policies that can be mitigated in less than two minutes

SAN FRANCISCO – October 27, 2021 — Sysdig, Inc., the secure DevOps leader, announced today the addition of Cloud Infrastructure Entitlements Management (CIEM) capabilities to the Secure DevOps Platform. Taking a zero trust approach, customers get instant visibility and control over cloud permissions. The Sysdig Threat Team found that nearly 80 percent of users have excessive entitlements due to overly permissive policies that allow full admin access in their AWS cloud. Sysdig customers can remediate over-privileged access in less than two minutes. With the fix taking minutes, there is no excuse for not taking this step to reduce risk.

Blog: Cloud Infrastructure Entitlements Management (CIEM) with Sysdig Secure 

The Risk of Excessive Permissions in Cloud Infrastructure
According to Gartner®, “By 2023, 75% of security failures will result from inadequate management of identities, access, and privileges, up from 50% in 2020.” [1] As organizations adopt the cloud, they struggle to gain visibility and control of access rights and permissions granted to cloud identities.

Traditional identity tools built for on-premises environments cannot keep up with the explosive growth and activity of users and services (for example: AWS Lambda functions) in the cloud. These cloud services often have excessive permissions to access sensitive data and can become an unsuspecting entry point for an attacker to exploit.

“Now within minutes, you know exactly what least privilege policy to apply across your cloud environments,” said Omer Azaria, Vice President of Research and Development at Sysdig. “In the cloud where many things are complicated, this is an easy one to fix. Why wouldn’t you just do it?” 

Take a Zero Trust Approach to Managing Cloud Permissions with CIEM
CIEM helps organizations adopt a zero trust model for Identity and Access Management (IAM) for cloud infrastructure. It provides visibility into all access risks, as well as the ability to remediate quickly. Whether it is a user or service, security teams can answer important questions such as: “What access permissions does the identity have?” “Are those permissions being used?” “Are they overly permissive?” “Has it done anything abnormal?” Teams can then enforce least-privilege access policies and grant just enough permissions to perform necessary actions. 

Automatically Right-Size Permissions Using an Integrated Platform
These excessive permissions can be corrected in the infrastructure as code templates within existing developer-centric workflows. By using an integrated security platform, teams can close the loop from source to production and minimize manual steps and recurring issues as part of their broader cloud security management efforts. 

CIEM Benefits for Sysdig Customers:
  • Gain visibility into all cloud identities and their privileges: Sysdig provides a comprehensive view into access permissions across all AWS users and services, including ephemeral services such as Lambda functions. With this, security teams know which cloud identities have access to sensitive cloud resources.
  • Enforce least privilege in less than two minutes: With Sysdig, users can eliminate excessive permissions by applying least-privilege policies. These “just-enough” permissions are automatically generated based on analyzing what entitlements are granted versus what is actually used.
  • Simplify audit of access controls to meet compliance requirements: Sysdig allows teams to regularly perform access reviews to evaluate active and inactive user permissions and activity. Users can meet specific IAM requirements for standards such as PCI, SOC2, FedRamp, and ISO27001. They save time with out-of-the-box compliance policies and on-demand reports. Sysdig also provides a detailed audit trail of all cloud permission changes as proof of compliance. 
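The "granted versus used" analysis behind the second benefit above can be illustrated with a small script. This is an added example, not Sysdig's code, and it makes no claim about how the product does it: it takes a constructed IAM policy document in the standard AWS JSON shape and a constructed list of observed API calls (the `service:Action` form you would derive from CloudTrail `eventSource`/`eventName` fields), reports which grants were never exercised, and emits a policy whose Allow list is exactly the set of observed, granted actions. It right-sizes actions only; narrowing `Resource` from `*` is a separate step.

```python
"""Right-size an IAM policy's actions from observed usage (added example, not Sysdig's code)."""
import fnmatch

# Constructed sample: an over-permissive policy granting full S3 and DynamoDB access plus iam:PassRole.
GRANTED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:*", "dynamodb:*"], "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:PassRole", "Resource": "*"},
    ],
}

# Constructed sample: API calls actually observed for this identity during the review window.
OBSERVED_CALLS = [
    "s3:GetObject",
    "s3:GetObject",
    "s3:ListBucket",
    "dynamodb:GetItem",
    "dynamodb:Query",
]


def granted_actions(policy):
    """Flatten the Allow statements into a set of action patterns (wildcards preserved)."""
    actions = set()
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        acts = stmt["Action"]
        if isinstance(acts, str):
            acts = [acts]
        actions.update(acts)
    return actions


def is_covered(action, pattern):
    """IAM-style wildcard match; IAM action names are case-insensitive, so compare lowercased."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def unused_grants(policy, observed):
    """Granted patterns that no observed call fell under: candidates for removal."""
    used = set(observed)
    return sorted(
        p for p in granted_actions(policy)
        if not any(is_covered(a, p) for a in used)
    )


def uncovered_calls(policy, observed):
    """Observed calls no grant covers. Non-empty output means the usage data and
    the policy are out of sync (for example, usage collected under an older policy)."""
    grants = granted_actions(policy)
    return sorted({a for a in observed if not any(is_covered(a, p) for p in grants)})


def least_privilege_policy(policy, observed):
    """Build a policy that allows exactly the observed actions the current policy grants.
    Wildcards collapse to the concrete actions that were actually exercised."""
    grants = granted_actions(policy)
    used = sorted({a for a in observed if any(is_covered(a, p) for p in grants)})
    return {
        "Version": "2012-10-17",
        "Statement": [{"Effect": "Allow", "Action": used, "Resource": "*"}],
    }


if __name__ == "__main__":
    import json
    print("unused grants:", unused_grants(GRANTED_POLICY, OBSERVED_CALLS))
    print("uncovered calls:", uncovered_calls(GRANTED_POLICY, OBSERVED_CALLS))
    print(json.dumps(least_privilege_policy(GRANTED_POLICY, OBSERVED_CALLS), indent=2))
```

On the sample input, `s3:*` and `dynamodb:*` collapse to the four concrete actions seen, and `iam:PassRole` is reported as never used. The length of the observation window matters in practice: a policy generated from a window shorter than the identity's real activity cycle (a quarterly job, for instance) will break that activity, which is why access reviews should precede enforcement.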

By combining the CIEM capabilities announced today with its existing capabilities, Sysdig customers can proactively prevent cloud permission risk, scan for vulnerabilities and misconfigurations, and detect and respond to attacks across container and cloud environments.


[1] Gartner, “Managing Privileged Access in Cloud Infrastructure”, Paul Mezzera, 9 June 2020.

Gartner Disclaimer: GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.


Amanda Smith
[email protected]


In the cloud, every second counts. Attacks move at warp speed, and security teams must protect the business without slowing it down. Sysdig stops cloud attacks in real time, instantly detecting changes in risk with runtime insights and open source Falco. Sysdig, rated #1 for CSPM in the Gartner Peer Insights “Voice of a Customer” report, correlates signals across cloud workloads, identities, and services to uncover hidden attack paths and prioritize real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.

Sysdig. Secure Every Second.