Rezonate Launches Identity Protection Platform For Cloud Infrastructure

Rezonate’s new cloud identity platform is designed to protect cloud resources against identity-based attacks. According to Rezonate, the company provides cloud identity protection as a way to solve a wide range of identity and access security issues. The company provides the ability to overcome legacy approaches with a new cloud-based application that consolidates what it says are all aspects of the ways that access and identity are protected in the cloud.

Identity protection is important because its crucial to the security of cloud-based systems. According to the Verizon 2022 Data Breach Investigations Report, “many intrusions exploit the basic (mis)management of identity.” The report says that unauthorized access because of mismanaged credentials formed more than a third of the entire hacking category and over half of all compromised records. Worse, the report noted that many large breaches stemmed from the use of default or shared credentials. Notably, Verizon first pointed this out in 2009 – thirteen years before the current DBIR.

“For the past decade, we've been focusing on making our employees more efficient,” said Roy Akerman, CEO and o-founder of Rezonate. “Being able to access anything from anywhere at any time from any device. Already, identity was a critical aspect to enterprise security program.”

The growth of the cloud as a central place for a growing number of businesses only complicates the problem of ensuring identity. “Reliance on cloud infrastructure is only increasing as more and more business are building their core offering in the cloud,” Akerman explained. “One million companies are on AWS alone, let alone other cloud service providers. Significant is an understatement.”

Growing Complexity

The identity problem becomes more complex as the cloud environment grows in complexity. This means that managing identity as a core aspect of security only grows in importance.

“Bottom line,” Akerman said, “everything is moving and changing fast in the cloud. Yet, security must resonate at all times for every process, workload and entitlement when building and operating an organization’s business in the cloud.”

In order to keep up with the dynamic nature of the cloud, Rezonate continually analyzes and synthesizes the data in cloud applications as well as the identities that have access. Both human and machine identities become part of what Rezonate calls a single storyline that provides visibility into identity and access risk. This visibility allows those risks to be eliminated, and it allows risks to be analyzed for further study and an understanding of how the risk might affect the cloud that’s being attacked. In addition to watching events in real time, Rezonate also can look back at past events, authorization rules and streams to illuminate potential risks.

“Businesses are building software fast,” Akerman said. “Many developers and partners are working together, code is changing constantly. Therefore, it becomes a moving target. Today, there are 20 times more machine identities than human identities, elevating the problem across the identity fabric even more.”

Akerman said that the most important change in cloud security is that the attack surface on the cloud is no longer the perimeter of the cloud, which is what legacy security approaches protected. Rather, he said, the attack surface is the complete cloud, making a solution that uses the cloud necessary.

“The interesting piece of it is - the cloud is doing it for us,” Akerman explained. “The solution lies within the infrastructure we're looking to protect. We're just taking advantage of it. This is a security approach that is as dynamic as the infrastructure we are looking to protect.”