Snoop

Snoop cuts cloud risk with CIEM and Just-in-Time (JIT) access

To date, Snoop has rolled out several high-impact uses including:

Least privilege and compliance across multi-cloud. Using Tenable’s powerful Cloud Identity and Entitlement Management (CIEM) capabilities, Snoop is achieving its goal of automating and enforcing least privilege across its multi-cloud environment. Key results include:

• Reduced excessive permissions across cloud accounts
• Identification of toxic permission combinations
• Prioritization of risks across a sprawling environment

This has also helped Snoop meet regulatory requirements by minimizing user access to sensitive data, supporting compliance with FCA, GDPR and PCI DSS.

Tenable is cloud-agnostic and extensible, which is critical for us. It is helping us automate and maintain least privilege across all our environments—not just one, - Tom Plant, Senior DevSecOps Engineer, Snoop

Just-in-Time (JIT) access to eliminate static privileges. Snoop uses JIT access to eliminate standing admin rights and broker access to sensitive data via short, auditable time windows – often with second-party approval. Key results include:

• All administrators, including those with privileged access, must go through JIT workflows, enforcing a consistent, least-privilege model
• Access to sensitive data is scoped to only what’s needed and timebound, with optional second-party approval
• Through JIT for IdP groups, access to sensitive apps is tightly controlled and not statically assigned by default

The simplicity and seamlessness of Tenable’s JIT mechanism is key. Users request access through Slack, approvers are notified instantly and access is granted for a defined period, - Tom Plant, Senior DevSecOps Engineer, Snoop

Snoop gains speed and simplicity with Tenable Cloud Security

Using Tenable Cloud Security has brought Snoop a range of benefits, from fast time to value to reduced risk and operational efficiencies:

Fast time to value. “We got value from Tenable Cloud Security within hours,” reported Plant, “It dramatically reduces the manual effort involved in analysis and action – and automates wherever possible.”

Measurable risk reduction. The organization has significantly reduced standing privileges, eliminated toxic permission paths and made access to sensitive data – and sensitive applications – purpose-driven and temporary.

Audit-readiness in place. With clear access records showing who accessed what, when and why – and who was declined – audit cycles are smoother. It’s now much easier for Snoop to provide the evidence base for compliance and overall security posture.

Operational efficiency. Manual reviews and escalations are now automated or handled through self-service workflows, lightening the security team’s workload. Deployment was quick, and insights started surfacing within hours.

Strong dev and user experience. Developers access what they need through tools they already use – Slack (with Microsoft Teams also supported) – keeping the process secure and low-friction.

What stands out most about Tenable Cloud Security is the ease of use and accuracy, and how broadly and deeply you can implement it. It’s been a very effective solution – and a strong partnership, - Tom Plant, Senior DevSecOps Engineer, Snoop