最低特權及多餘的雲端權限

Identity discovery, contextual risk correlation and automated enforcement

Cover of CNAPP - Enforce least privilege across cloud identities PDF

Tenable One Cloud Exposure, powered by the Tenable One Exposure Management Platform, helps organizations enforce least privilege across AWS, Azure, GCP, and Kubernetes environments. 该产品会提供持续、无代理身份和授权可见性,解决了诸如角色权限过度宽松、特权提升路径和孤立帐户等难题。通过将身份发现与上下文风险关联和自动修复相功能结合使用,Tenable 可确保权限适配合理、撤销过度访问权限并消除云攻击路径,最终加强身份和访问控制、减少攻击面并简化合规流程。

  • Comprehensive Identity Discovery: Continuously maps all human, service, and machine identities across multi-cloud environments, including their permissions and activity.
  • 上下文风险关联: Integrates with Tenable One to correlate excessive privileges with vulnerabilities, misconfigurations, and sensitive data exposure, prioritizing the most dangerous attack paths.
  • Automated Enforcement of Least Privilege: Remediates risky entitlements at scale through automatic revocation of unused permissions, tightening of overly broad roles, and triggering automated workflows.

下載 PDF 檔

資源

解決方案
適用於 DoD 的 Tenable 解決方案:超越 ACAS 的網路安全
產品說明
Tenable One Cloud Exposure:雲端偵測與回應 (CDR)
分析師研究
可視化× 自動化×統合化によるクラウドセキュリティのアプローチ