Security and Risk Managers Now Have a “Single Source of Truth” for AWS Audits to Address Compliance and Governance Requirements
SYouAttest®, a leading provider of Identity Audit and Compliance tools, introduced a new solution that creates a “single source of truth” for security and risk managers for AWS that is now fully integrated with leading cloud and enterprise identity access management platforms onto a single platform. YouAttest empowers security and risk managers to eliminate privilege escalations, mitigate over-permissive cloud entitlements, implement best practices for “least-privilege principles,” and support zero-trust initiatives.
A recent cloud security firm Ermetic study found that AWS environments have some known security and risk management concerns:
- 90% of S3 buckets are at risk due to misconfigured identities that, if compromised, would place an AWS account at risk.
- Over 70% of the environments had machines publicly exposed to the internet and identities whose permissions allowed the exposed devices to perform ransomware.
- Over 45% of the environments had third-party identities that could perform ransomware by elevating their privileges at the admin level.
- Almost 80% of AWS environments contained IAM (Identity Access Management) users with enabled access keys not used for 180 days or more, leading to potential ransomware risk.
“YouAttest focuses on addressing the needs and compliance requirements of security and risk managers who must address their myriad of cloud and enterprise environments,” said Garret Grajek, CEO of YouAttest. He continued, “The identity governance community required a unified and automated platform that can span all of their hybrid enterprise resources including AWS, GCP, Azure AD, Okta, Ping, JumpCloud, and others to enable least privilege best practices and support zero-trust initiatives.”
YouAttest has now added support for AWS identity, which will simplify, automate, and consolidate the identity audits. YouAttest enables security and risk managers to perform fully automated access reviews of the AWS Identity Access Management (IAM) system. These access reviews can be consolidated and integrated with other IAM tools across other cloud and enterprise IAM platforms into a single audit process. They can identify and address potential vulnerabilities from excessive permissions, over-privileged accounts, or policy violations within their AWS environment, providing auditors with a complete understanding and visibility of identity management information.
“Locking down AWS permissions is an imperative task for any organization. YouAttest is a proven governance solution that helps automate this crucial task by validating that the AWS permissions meet security and compliance requirements,” states Stacey Cameron, CEO of CyCam Strategies, a leading security and risk management services provider.
New security and risk management capabilities available with YouAttest’s integrated support for AWS include:
- AWS Root Account Audit – Evaluate the security controls and configurations associated with their AWS root account, ensuring best practices remain protected.
- AWS User Account Audit: YouAttest performs comprehensive audits of user accounts, including assessing and validating attributes such as last login, password age, last activity, multi-factor authentication status, and additional security vulnerabilities.
- AWS Groups Audit: YouAttest assesses the configuration and permissions of AWS user groups, ensuring proper access controls are in place.
- AWS Policies/Permissions: Auditing capabilities have been extended to evaluate AWS policies and permissions assigned to users.