최소 권한 원칙과 과도한 클라우드 권한

Identity discovery, contextual risk correlation and automated enforcement

Cover of CNAPP - Enforce least privilege across cloud identities PDF

Tenable One Cloud Exposure, powered by the Tenable One Exposure Management Platform, helps organizations enforce least privilege across AWS, Azure, GCP, and Kubernetes environments. It addresses challenges like overly permissive roles, privilege escalation paths, and orphaned accounts by providing continuous, agentless identity and entitlement visibility. By combining identity discovery with contextual risk correlation and automated remediation, Tenable ensures permissions are right-sized, excessive access is revoked, and cloud attack paths are eliminated, ultimately strengthening identity and access control, reducing the attack surface, and simplifying compliance.

  • Comprehensive Identity Discovery: Continuously maps all human, service, and machine identities across multi-cloud environments, including their permissions and activity.
  • Contextual Risk Correlation: Integrates with Tenable One to correlate excessive privileges with vulnerabilities, misconfigurations, and sensitive data exposure, prioritizing the most dangerous attack paths.
  • Automated Enforcement of Least Privilege: Remediates risky entitlements at scale through automatic revocation of unused permissions, tightening of overly broad roles, and triggering automated workflows.

PDF 다운로드

리소스

솔루션
미국 국방부(DoD)용 Tenable 솔루션: ACAS를 넘어선 사이버 보안
데이터시트
Tenable One Cloud Exposure: CDR(클라우드 탐지 및 대응)
Analyst Research
可視化× 自動化×統合化によるクラウドセキュリティのアプローチ