Veza Introduces Access AI™ to Deliver Generative AI-Powered Identity Security to the Modern Enterprise
August 06 2024 - 12:00PM
Business Wire
J.P. Morgan Invests in Veza
Veza, the identity security company, today announced the launch
of Access AI™, a generative AI-powered solution to maintain the
principle of least privilege at enterprise scale. With Access AI,
security and identity teams can now use an AI-powered chat-like
interface to understand who can take what action on data,
prioritize risky or unnecessary access, and remove risky access
quickly for both human and machine identities. By bringing the
power of generative AI to identity security in the enterprise, Veza
makes it possible to prevent, detect, and respond to
identity-related issues before they turn into disruptive incidents
like breaches or ransomware.
Identity security has become a top priority for companies that
have embraced cloud services, SaaS applications, and AI. According
to a report from the Identity Defined Security Alliance (IDSA), 90%
of organizations experienced an identity-related incident in the
past year, and 84% suffered a direct business impact as a result.
To combat this growing problem, companies are investing in new
business processes like Access Entitlements Management, Identity
Security Posture Management (ISPM), and Identity Threat Detection
and Response (ITDR).
Similarly, according to Gartner®, “The broad adoption of cloud
services, digital supply chains and remote access by employees
working from anywhere has eroded the value of legacy security
controls at the perimeter of the corporate network, positioning
identity as the primary control plane for cybersecurity.” [1]
Access AI
With this announcement, Access AI is available across the Veza
Access Platform. It uses machine learning and generative AI to
surface and contextualize recommendations for fixing identity-based
threats. Teams across identity, security engineering, application
security, and compliance use Access AI to investigate who has
access, how they got it, and whether it should be revoked. Like all
Veza products, Access AI understands both human identities and
non-human identities, such as service accounts.
Access AI can:
- Answer natural-language questions about entitlements and
association to identity
- Understand the access of non-human identities and machine
identities
- Recommend roles that follow the principle of least
privilege
- Surface dormant or excessive permissions to revoke
- Create ITSM tickets (such as ServiceNow) with instructions for
remediation
- Recommend actions during user access reviews and
recertifications
“Two years ago we changed the game in identity access with our
Access Graph, and now we are doing it again with Access AI,” said
Tarun Thakur, co-founder and CEO, Veza. “Veza is the first company
to apply AI to manage and secure entitlements across SaaS systems,
cloud data systems, identity systems, and infrastructure services.
Customers tell us this is the year of identity. They want access
intelligence to hunt for threats automatically across tens of
thousands of identities and entitlements within hundreds of
systems, which is critical with the recent explosion of non-human
identities. To solve this requires speed and intelligence that is
only possible with AI.”
“To operate with least privilege, companies must be focused on
their identity posture. With the modern enterprise moving away from
standing access, success now depends on having the appropriate
tools and automated solutions,” said Matthew Sullivan,
Infrastructure Security Team Lead at Instacart. “Nearly every
discovery made by Veza's AI has prompted an immediate response from
our team. With hundreds of thousands of entitlements to oversee,
leveraging AI-driven automation has been essential to staying
proactive.”
J.P. Morgan Investment
This launch comes on the heels of an investment from J.P.
Morgan, a leading global financial services firm, which brings the
company’s total funding to $132 million. This investment will be
used to accelerate product innovation as Veza continues to redefine
identity security and organizations across the globe begin their
identity security transformation.
New Capabilities
As Veza continues to modernize the identity market with its
industry-first Access Graph and Access Intelligence, it has also
unveiled additions to the Veza Access Platform in conjunction with
the release of Access AI.
Enhanced security for non-human identities (NHIs)
- NHI Insights and NHI Access Security, an inventory of all NHIs
like Azure AD service principals and AWS IAM service accounts.
- Support for new NHI entities: access keys and secrets.
- Ability to monitor key rotation to reduce the risk of stale
credentials.
- Ability to determine access of keys, tokens, and certificates.
- Custom rules and manual overrides for NHI identification to aid
in searching, tracking, and alerting.
- Support for managing NHI owners to manage timely key rotation,
workload uptime, and service account governance.
Lifecycle management for next-gen IGA
- Role recommendations for access requests based on the principle
of least privilege, powered by machine learning.
- 10 new targets for Veza Lifecycle Management. Support for
provisioning and deprovisioning to Active Directory (AD), Entra ID,
Okta, Azure, Salesforce, Microsoft Exchange, Exchange Online, SAP,
Google Workspace, and Snowflake. Veza Lifecycle Management goes
beyond SCIM protocols to advance the state of provisioning that
covers hierarchical groups and roles with a set of automated
CRUD-aware policies.
- Support for the Veza Open Authorization API (OAA) which allows
quick support for provisioning to new applications, including
custom applications.
Activity monitoring for ITDR, Security Engineering, and
Security Operations
- New ability to monitor activity in Okta, collecting and
summarizing log data to know who accessed what resources, including
last-used date.
- Calculate the Over-Privileged Access Scores (OPAS) for Okta to
prioritize your most over-privileged roles and users.
- Monitoring for access activity in Snowflake and AWS IAM.
Access intelligence for Cloud PAM, privilege threat hunting,
privileged access assurance
- Out-of-the-box role mining insights and analytics for
Snowflake.
- 20+ out-of-the-box dashboards by persona, risk type (privilege
drift, insider threat, cloud entitlements, ISPM, NHI, access
creep), and systems (SaaS, data systems, infrastructure).
- Veza Query Language (VQL) as API endpoints to query, sort,
filter, and perform complex compound queries for use cases such as
segregation of duties and privilege threat hunting.
- New Risk Profile based on privilege threat hunting framework
that leverages the power of Veza Access Graph, identity risk
scores, over-permission access scores, and Veza Query
Language.
Learn more:
- Access AI overview: https://veza.com/product/access-ai/
- Access AI launch webinar:
https://veza.com/company/events/access-ai-launch-webinar/
- State of Access 2024 report:
https://veza.com/resources/stateofaccess2024/
- AI for Identity Security: Veza’s Strategy:
https://veza.com/blog/ai-for-identity-security-my-journey-our-perspective-and-vezas-strategy/
Citations
- Gartner, Identity-First Security Maximizes Cybersecurity
Effectiveness, Rebecca Archambault, Felix Gaehtgens, James Hoover,
Ant Allan, 1 May 2024
GARTNER is a registered trademark and service mark of Gartner,
Inc and/or its affiliates in the U.S. and internationally and is
used herein with permission. All rights reserved.
About Veza
Veza is the identity security company, helping organizations
secure access across the enterprise. Veza’s Access Platform goes
beyond identity governance and administration (IGA) tools to
visualize, monitor, and control entitlements so that organizations
can stay compliant, achieve least privilege, and de-risk the
breach. Global enterprises like Wynn Resorts, Expedia, and
Blackstone trust Veza to manage identity security posture, with use
cases in privileged access management (PAM), non-human identities
(NHI), cloud entitlements (CIEM), data system entitlements, SaaS
entitlements, and IGA. Founded in 2020, Veza is headquartered in
Los Gatos, California, and is funded by Accel, Bain Capital,
Ballistic Ventures, Google Ventures (GV), Norwest Venture Partners,
and True Ventures. Visit us at veza.com and follow us on LinkedIn,
Twitter, and YouTube.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240806411908/en/
Justin McCann R1 Communications for Veza
justin@r1communications.com