Head over to our on-demand library to view sessions from VB Transform 2023. Register Here
Permissions management is the essence of data security. Yet few security teams can manage identities in the cloud at scale, with Gartner estimating that by 2023, 75% of cloud security failures will occur due to insufficient management of identities, access and privileges.
However, more and more providers are looking to address permissions management with automation. Entitle, which today announced it has raised $15 million as part of a seed funding round led by Glilot Capital Partners, offers a platform for automating access management and provisioning.
Founded in 2021 by two former members of the Israel Defense Force’s Unit 8200, the organization uses deep learning, security operations and vulnerability research to help IT and DevOps teams manage permissions across cloud environments, while giving employees the ability to request permissions via Slack, Teams, Jira or email.
It’s an approach that provides security teams with centralized visibility over permissions throughout the environment, while freeing them up from the responsibility of having to manage them manually.
VB Transform 2023 On-Demand
Did you miss a session from VB Transform 2023? Register to access the on-demand library for all of our featured sessions.
Managing identities in the cloud
The announcement comes as organizations continue to struggle to secure cloud environments. According to Thales Group, while 66% of organizations stored 21%-60% of their sensitive data in the cloud, 45% have experienced a data breach or failed an audit involving data and applications in the cloud.
It’s not just that security teams lack visibility over user permissions in the cloud, but that implementing controls manually isn’t scalable for the amount of users, applications and data active within the modern digital workplace.
“Security teams have been managing access to corporate resources for decades. Yet, we interviewed hundreds of cybersecurity leaders and the vast majority told us that at their companies, controlling and governing access — (a.k.a. permissions management) — is an operational and risk management quagmire that keeps them up at night,” said Ron Nissim, cofounder and CEO of Entitle.
“Outnumbered and ill-equipped, IT and DevOps teams find themselves responsible for hundreds of thousands of cloud permissions and are expected to sign off on access requests with very little information. Without context, decisions regarding who has access to what can be inaccurate or even dangerous,” Nissim said.
Automation addresses the limitations of traditional permissions management by automatically assigning privileges to users, and then revoking them after a set time period or ticket resolution.
Cloud permissions management market
Entitle’s solution falls within the cloud identity and access management market, which Mordor Intelligence valued at $3.4 billion in 2020 and estimates will reach $9.4 billion by 2026 as more organizations aim to manage identities in hybrid and multicloud environments.
One of Entitle’s main competitors in the market is Opal. Opal provides security teams with an access management platform where users can request access to resources via Slack and security teams can automate provisioning and revocation. Last year, Opal raised $10 million in series A funding.
Another competitor is IAMOps vendor Axiom, which last year came out of stealth with $7 million in seed funding, and offers just-in-time access via Slack and other collaboration tools with automated provisioning and revocation.
Axiom also has an autosuggestion engine that adds recommendations to users to help inform approval decisions.
According to Nissim, the key differentiator between Entitle and these competitors is its emphasis on supporting security and IT teams.
“We built our solution to ensure security teams provide just enough access to employees while solving the manual workload of DevOps and IT as a byproduct,” Nissim said. “Whereas many of the emerging competitors either focus only on dev resources (and not corporate IT) or specific technologies like AWS or operate only on specific platforms like ServiceNow.”
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.