The solution manages access authorization based on roles and permissions, not users or groups.

Identity security company Veza has announced the launch of a new identity governance and administration (IGA) solution, Next-Gen IGA. The solution comprises the Veza Access Control Platform and new products for provisioning and deprovisioning, access reviews, access visibility, and access intelligence, the firm said. It approaches governance with a focus on permissions and automation to reduce identity risks, decrease the costs of governance, and accelerate access to apps and data, according to Veza.

Research indicates that 80% of cyberattacks leverage identity-based techniques, with criminal gangs prioritizing acquiring stolen credentials to bypass security measures and enhance attacks with access to networks, databases, and other assets owned by organizations. This trend has also created increased demand for access broker services - criminal groups that sell stolen access credentials. There was a 112% year-over-year increase in advertisements for access broker services identified last year compared to 2021, with more than 2,500 advertisements detected across the criminal underground, according to the CrowdStrike 2023 Global Threat Report.

What's more, traditional IGA tools have failed to keep up with the demand for machine identity management capabilities, forcing companies to pursue separate solutions, according to Gartner's IGA market guide. "Many IGA vendors are not positioned to support the continuous and context-aware controls needed to establish 'identity-first' strategies due to the dependence on inflexible policies and static workflows," the guide stated.

Next-Gen IGA manages access authorization based on roles and permissions

Next-Gen IGA manages access with authorization entities of roles and permissions instead of users and groups, Veza said in a press release.
This enables organizations to visualize and "right-size" access permissions with automation of traditional access reviews and identity lifecycle provisioning, it claimed.

The Veza Access Control Platform ingests and analyzes authorization permission metadata from enterprise systems and organizes it into the Veza Authorization Graph. The platform then computes the unique access mechanisms (RBAC, ABAC, ACLs) of more than 150 enterprise systems - including SaaS apps, data systems, and cloud infrastructure - and transforms that into a canonical data model, according to the company. Out-of-the-box integrations include Salesforce, Oracle Cloud Fusion, Workday, AWS Cognito, MongoDB Atlas, and Windows Server Accounts, it added.

Adoption of Next-Gen IGA will enable companies to unify fragmented access lifecycles, visualize who can take what action on what data, find and fix policy violations automatically, and monitor all human identities, machine identities, and service accounts, Veza said. It will also help organizations demonstrate compliance with regulations such as SOX, ISO 27001, SOC 2, and GDPR; provision fine-grained permissions to follow the principle of least privilege; and run campaigns to verify user access and certify/recertify entitlements, the firm added.

Identity security a significant pillar of cybersecurity

E-commerce, payments, and marketing services firm Digital River was an early adopter of Next-Gen IGA. Its CISO Kumar Dasani tells CSO that as the company matured its security program, it needed clear visibility into every identity.

"Identity security is a significant pillar of cybersecurity, and it's important for us at Digital River to have a pulse on all identities and access," he says. "We also urgently needed to solve major questions like who has access to what, why do they have it, how much do they have it, and how long did they have that access.
Veza gives us the insight we need to answer these questions, while also providing us with integration, visibility, and the ability to see across our entire environment."