Latest news with #CloudInfrastructureEntitlementManagement
Techday NZ
07-05-2025
- Business
- Techday NZ
AI-driven upgrades automate privileged access in PAM360
ManageEngine has unveiled new artificial intelligence-powered enhancements to its privileged access management platform, PAM360, focused on access governance and automation for enterprise IT environments. The latest upgrades include intelligent least privilege access and risk remediation policy recommendations, aiming to help businesses address security gaps before they can be exploited. The additions are incorporated into PAM360's Cloud Infrastructure Entitlement Management (CIEM) module, while a new privileged task automation function is enabled through Zoho's workflow orchestration platform, Qntrl. According to ManageEngine, traditional models of privileged access management rely heavily on static, manual processes that are frequently disconnected from the operating context. Such an approach can lead to excessive user permissions, entitlement drift and misconfigurations—issues that become more pronounced in hybrid, multi-cloud environments. The company stated that: "Today's hybrid, multi-cloud environments have led to an explosion of human and non-human identities, creating complex access workflows and rampant privilege sprawl. To tackle this, organisations require dynamic policies that can intelligently enforce the principle of least privilege across their identity stack. With the AI-driven CIEM module in PAM360, IT security teams can now generate intelligent least privilege policies, proactively flag risky entitlements and automate remediation, helping enterprises close critical identity security gaps before they're exploited," said Ramanathan Kannabiran, Director of Product Management at ManageEngine. The 2024 Identity Security Insights from ManageEngine noted that 68% of survey respondents identified a need for AI-driven improvements in risk-based access controls. The company's PAM360 CIEM module now features AI-generated least privilege policies, automatic identification and remediation of shadow admin risks, and real-time access and session summaries. These capabilities are designed to help organisations proactively manage access sprawl and misconfigurations with reduced manual intervention. Concerning automated task management, the newly added privileged task automation allows enterprises to run administrative routines across workflows without the need for manual access provisioning or revocation. This automation is enabled directly within the Zoho ecosystem through its Qntrl platform, meaning administrators do not have to rely on additional third-party tools. "Privileged task automation in PAM360 eliminates the need for administrators to manually grant and revoke necessary access privileges for every automated routine. Access is provisioned just in time, based on the task context, and revoked automatically once the task ends. This not only preserves admin bandwidth but also reduces the risk of privilege misuse caused by excessive or standing access," Kannabiran said. PAM360's integration with Qntrl is designed to streamline privileged access workflows across enterprise environments. The automation covers processes such as vendor onboarding and offboarding, provisioning of just-in-time access with time-bound controls, and secure, hands-free transfer of privileged data. This aims to provide consistent, speedy operations while reducing the risk of privilege escalation and misuse. ManageEngine describes PAM360 as a privileged access management solution for IT teams seeking to enforce governance over access pathways to sensitive corporate assets. The platform supports integration with other IT management tools and is currently used by over 5,000 organisations and more than one million administrators worldwide.
Techday NZ
07-05-2025
- Business
- Techday NZ
ManageEngine upgrades PAM360 with AI-driven cloud access controls
ManageEngine has introduced new artificial intelligence-powered capabilities and advanced automation features to its privileged access management platform, PAM360. The updated PAM360 platform now includes AI-governed cloud access policy recommendations and a privileged task automation module, which is enabled through Qntrl, Zoho's workflow orchestration platform. These additions are intended to help organisations automate administrative routines, enforce the principle of least privilege at scale, and decrease security risks through automated remediation processes. PAM360's Cloud Infrastructure Entitlement Management (CIEM) module now benefits from AI enhancements that facilitate the creation of intelligent least privilege policies and offer risk remediation policy recommendations. This improvement aims to provide organisations with greater control over access governance, particularly as the number of both human and non-human digital identities grows in complex, hybrid and multi-cloud environments. ManageEngine referenced findings from its 2024 Identity Security Insights report to highlight the demand for more advanced security controls. According to the company, "68 per cent of the respondents are looking for AI-driven improvements in risk-based access control." Ramanathan Kannabiran, Director of Product Management at ManageEngine, commented on the challenges facing organisations as they address access management in diverse digital ecosystems. He stated, "Today's hybrid, multi-cloud environments have led to an explosion of human and non-human identities, creating complex access workflows and rampant privilege sprawl. To tackle this, organisations require dynamic policies that can intelligently enforce the principle of least privilege across their identity stack. With the AI-driven CIEM module in PAM360, IT security teams can now generate intelligent least privilege policies, proactively flag risky entitlements and automate remediation, helping enterprises close critical identity security gaps before they're exploited." The updated CIEM module in PAM360 can now generate AI-driven least privilege policies, automate remediation of shadow admin risks, and provide real-time access and session summaries. These features are intended to enable organisations to address issues such as access sprawl and misconfigurations in complex IT environments with lower reliance on manual intervention. ManageEngine is also introducing new automation controls through its partnership with Qntrl, which powers the new privileged task automation feature in PAM360. Historically, automation in business workflows - such as robotic process automation (RPA) or script-driven routines - has relied on manual access provisioning, which can introduce delays and increase the risk of errors and privilege misuse. Kannabiran explained the impact of the new automation module, noting, "Privileged task automation in PAM360 eliminates the need for administrators to manually grant and revoke necessary access privileges for every automated routine. Access is provisioned just in time, based on the task context, and revoked automatically once the task ends. This not only preserves admin bandwidth, but also reduces the risk of privilege misuse caused by excessive or standing access." Through deep integration within the Zoho ecosystem, PAM360's automation capabilities are designed to function natively, removing the necessity for other third-party automation tools. The platform now offers streamlined vendor access with automated onboarding and offboarding, provisions temporary just-in-time access with fine-grained controls, and supports secure, hands-free transfers of privileged data. The aim is to increase operational speed and consistency while reducing security risks. ManageEngine stated that PAM360 is intended to enforce stronger governance of access to sensitive corporate assets, supporting both core privileged access management requirements and integration with other IT management tools. According to the company, the platform is used by over 5,000 organisations and more than one million administrators globally.
Associated Press
14-03-2025
- Business
- Associated Press
CloudDefense.AI Reveals Key Strategies to Identify and Protect Personal Identifiable Information (PII) in the Cloud
'Protecting PII isn't just about compliance - it's about building trust. Organizations that secure their data proactively will lead within the changing digital environment.' — Abhi Arora, COO of CA, UNITED STATES, March 14, 2025 / / -- As businesses migrate to the cloud, securing Personal Identifiable Information (PII) becomes urgent. Cloud environments offer flexibility and scalability, but poor security can expose sensitive data to cybercriminals. Misconfigurations or unchecked access can lead to significant PII exposure, causing financial, legal, and reputational damage. a leader in cloud security, assists companies in proactively identifying and securing PII before threats arise. A significant risk in cloud security is the lack of visibility into where PII is stored and accessed. Organizations struggle to track sensitive data across databases, logs, backups, and third-party applications. Without understanding data flow, businesses are vulnerable to unauthorized access and accidental leaks. highlights the need for automated discovery and classification tools that monitor cloud environments, ensuring organizations know where their PII resides and who can access it. Controlling access to PII is crucial. Excessive permissions pose threats, with many breaches stemming from poor access management rather than complex attacks. follows the Principle of Least Privilege (PoLP), granting only essential access to employees and applications. Using Cloud Infrastructure Entitlement Management (CIEM) and Role-Based Access Control (RBAC), organizations can automate reviews, detect and remove excessive permissions, thus minimizing risks. Restricting access is insufficient. If data is compromised, encryption is essential. Properly encrypted data remains unreadable, even to attackers. advises using strong encryption like AES-256 for data at rest and TLS for data in transit. Tokenization and effective key management also protect sensitive data. Many organizations neglect key management by storing encryption keys with the data. highlights the need for secure, separate storage of keys to prevent unauthorized decryption access. Encryption minimizes data exposure, but real-time monitoring and threat detection are essential to prevent security incidents. Cloud environments are dynamic, requiring ongoing monitoring and anomaly detection to respond swiftly to evolving cyber threats. highlights advanced Threat Detection and Response (TDR) solutions for immediate alerts on suspicious activities and unauthorized access, enabling organizations to act before breaches occur. Organizations must prioritize compliance with data protection regulations like GDPR, CCPA, HIPAA, and PCI-DSS, which impose strict guidelines on handling personally identifiable information (PII). Non-compliance risks penalties, and customer trust. automates audits, enforces data retention policies, and trains staff in sensitive data handling. By embedding security into cloud operations, organizations ensure compliance and maintain strong security. As cloud adoption continues to grow, businesses must stay ahead of evolving threats by proactively securing PII. remains committed to helping organizations build resilient cloud security strategies through CNAPP, DSPM, and CIEM solutions. By taking a proactive stance on data protection, access control, encryption, and threat monitoring, businesses can fortify their cloud environments and build lasting trust with customers. About headquartered in Palo Alto, is a cutting-edge Cloud-Native Application Protection Platform (CNAPP) that provides end-to-end security for cloud infrastructures and applications. seamlessly integrates advanced technology and expertise, making it the ultimate solution for mitigating security risks from development to deployment. Their state-of-the-art platform offers a full spectrum of security solutions, ensuring organizations can confidently protect their cloud environments. Covering every layer of security, provides SAST, DAST, SCA, IaC Scanning, Advanced API Security, Container Security, CSPM, CWPP, CIEM, Kubernetes Security, and AI-SPM. Moreover, their exclusive technology guarantees continuous policy enforcement and proactive threat mitigation. enhances security with AI-driven remediation, attack path analysis, and automated risk assessment to reduce vulnerability noise and detect zero-day threats in real-time. This innovative approach boosts security efficiency, providing up to five times the value of traditional tools and establishing them as leaders in cloud security. If you want to learn more about and explore one of the best CNAPPs in the industry, please book a free demo or connect with them at [email protected] X LinkedIn Instagram YouTube Legal Disclaimer:
