The Ermetic Platform now enables enterprises to automate the process of giving developers and DevOps teams "Just in Time" (JIT) access to cloud infrastructure settings, according to the cloud infrastructure security startup. With the help of these new features, users can seek a temporary escalation in privileges that is tailored to their jobs and the tasks they need to complete.
Continuous integration/continuous delivery (CI/CD) pipelines are typically used by DevOps and development teams to spin up and maintain cloud infrastructure environments. To perform specialized tasks like manually deploying a service or diagnosing serious problems, developers may need direct, highly privileged access to production settings. Since they would provide an attacker the "keys to the kingdom" if a user's credentials were stolen or used improperly, these all-inclusive access entitlements can pose a severe risk if they are not withdrawn when they are no longer required.
Due to their inability to handle entitlement granularity and adapt to the changing nature of cloud-based rules, traditional PAM and identity governance and administration (IGA) solutions developed for the data center cannot satisfy the needs of contemporary cloud-native infrastructures. With the first solution that enables businesses to give developers secure and quick JIT access to cloud environments, Ermetic is bridging the PAM and IGA gap in the cloud. In addition, Ermetic also interfaces with single sign-on (SSO) systems to guarantee users have a transparent experience.
"Developers need powerful privileges and entitlements to stand up and manage cloud infrastructures, but these should only be granted in Just in Time fashion, for a limited time and right sized to avoid excessive permissions. Ermetic has delivered the first cloud-native solution that automates the creation, enforcement and governance of developer access policies with guardrails and an expiration date,"
Sivan Krigsman, Chief Product Officer for Ermetic