Transcript
00:00:03
and welcome to the Cyber Hood TV vendor introduction series my name is Simon Moffett and founder Analyst at the Cyber Hut in an our vendor introduction series I get to interview founders of all of the super cool exciting identity security related startups around the globe and I’m absolutely fortunate to have it sick from entro security with me rric thank you for joining me thanks for thanks for having me sameon not at all not at all thanks for taking time out of the uh Busy World of solving our
00:00:36
identity security problems and for those who have not seen one of these episodes before the idea is I get to ask three very important questions of our esteemed guest and I often start off with question number one which is essentially what is the problem entro security is looking to solve over to you uh yeah so pleasure to meet everybody I’m I’m Itzik Alvas the CEO and founder of entro security uh entro is a non-human identity and secret security company we help organizations to securely use non-human identities by
00:01:18
managing and securing and automating their life cycle um so the main problem is around nonhuman identities like service accounts API Keys connection strings we we’re seeing at our customer base that for every human identity human employee in the company uh there are at least 92 non-human identities so it’s uh they have a lot of non-human identities in in each organization uh so the shear size is uh overwhelming and the main problem with them is that those non human identities like API Keys service
00:01:54
accounts and so forth they are being created by teams that are not responsible to secure them so they are being created by developers devop accessories without proper security oversight and those teams scatter them around so they can store them within volts Solutions um but nowadays organization have at least five different volts uh so those secrets and non human identities are scattered between vaults but also they are being sent over slack or teams um within Confluence Pages config files you know exposed in a lot of uh
00:02:29
different locations and the main problem we’re seeing is that security teams don’t know how many non-human identities and secrets they have and where also those secrets are long randomized strings um and that means that if that if uh a security professional will find one you have no context about it you don’t know who created them when for what what application is using them and when you combine everything when you combine that security teams don’t know how many non-human identities there
00:03:00
where or what they’re able to do that’s why organizations start struggling to protect those non-human identities and that’s why for the past four years in a row by Verizon and IBM was leading the cyber security reports out there that’s why it’s the second most frequent attack back to rder and the number one most costly attack to an organization um yeah so that’s the problem area it it seems that the problem area is getting bigger and bigger you know 9 to one is a ratio seems huge but equally I think as well
00:03:34
that really important point you made there around the people who are creating these nhis and not always the same people who are securing them and I think that that that dichotomy is a real problem isn’t it it’s the proliferation is huge because there’s no cost to as you say creating maybe you know hardcoded secret or whatever it could be but then that amplifies in the in the respect of visibility and context as well you know what what is this secret can I can I delete it can I remove it
00:04:05
can I revoke it um I think that is a huge a huge problem so that sort of leads me into the next question is why is this a problem now it it seems to me maybe a combination of Legacy technology which is can’t cope for nhi combined with this huge volume of services in apis but I guess in your words why is this suddenly a becoming more of more of an issue now right those n identities are essentially programmatic um access ke right programmatic credentials that applications are using uh to authenticate and access Services they
00:04:42
need like databases and so forth um and why it’s a why why now why it’s a huge problem now uh basically because of the cloud and the breaking of the monolit um so each cloud service nowadays requires at least one of those non human identities to enable authentication so if you have if you’re using I don’t know mongod DB and your application needs to authenticate and use that mongodb they need a secet a token a non human identity to do that um and it’s an ancient problem right because back in
00:05:19
the day you had service account you had application that used service accounts in order to access whatever resources they need but then you would also add when you when you were on Prem it was an issue but he would have you know Network boundary so even if you lost a service account someone will need to enter your organization in order to use that um nowadays no network boundaries in the cloud right if I have your um connection string your non identity for your mongodb or AWS I can just use it uh often those
00:05:55
are with very high permissions so even excessive permissions per which just they don’t need because again the developers are the ones who are creating them permissioning them using them so a lot of the time they’re giving them very high permissions um and when we’re seeing you know organization breaking down the monoliths into microservices now each microservice needs an all set of keys um earlier the monolit the entire application had a set of you know secrets and non human identities now
00:06:28
each each micros service have a set of them and with more cloud services that we adopt and use and we’re adopting and using new ones every single day there are more and more non human identities um so yes uh you know Gartner said like six months ago that uh for every human identity there are 45 nonhuman uh within six months it’s already doubled itself so it’s uh so yeah it’s it’s a huge problem and it’s only growing as we speak yeah it’s it’s it’s a scary thing
00:07:00
isn’t it it’s just it is proliferating I think in volume but as you say you know you have the cloud aspect with respect to organizations deploying technology in different ways public Cloud private cloud cloud native but within their own ecosystems technology which isn’t necessarily having visibility across all of those different um deployment areas the whole paracity problem as well and to me I I I look at this is is simply an extension or a a growing of the adversarial attack surface they they
00:07:35
will look at this and think wow suddenly we have a huge proliferation of of nhi workload Services um hardcoded credentials which is really in a black spot ultimately it’s in a hidden area um which I think from of an adversarial uh perspective why not Target those as a is an entry into an organization which I guess ultimately you know we’ve created this this scar sorry ultimately of of this is a really big problem it’s a bad problem it’s getting bigger um so why inro you know why are you best players
00:08:07
to Sol this what’s your secret source to to try and uh fix this problem right so as um a bit maybe a bit about myself and why I started in uh with a friend of mine with Adam so I started my cyber security Journey Back in the IDF the Israeli Defense Force I was on the offensive side of of the cyber um Market but going into the the public uh the public market I worked for defensive cyber security um that was uh that was what I’ve done uh usually in management positions so prior to entro was
00:08:45
responsible for the internal security of one of Microsoft’s clouds prior to that I was a ciso the Chief Information Security Officer at um at and Healthcare Services uh the biggest one in Europe and when we transitioned into to the cloud after a month we got breached by a non identity um at Microsoft we were bried twice while I was there they got breached again afterwards uh by non human identities and with no solution out there um I you know started to think about what can we do and join forces with a
00:09:20
friend of mine like from the Army Adam is now the co-founder and CTO and we started intro so we at pioneering uh we pioneered that vertical um and we’re by far the most advanced company out there um the sheer size of our customers uh so we’re build to scale uh but according um to other Market analyst and in our customer base uh for sure we have the most mature platform uh platform out there um and again it makes sense because we Pioneer the space uh the visibility of nonhuman identities so
00:09:58
entor is able to find all all non human identities once they were created if they got stored in a vault or if they were exposed uh we’re the only one who’s able to do that we’re the only one who’s able to find exposure of nonhuman identities like if they were if someone send them over slack or within wikip Pages Cloud assets and so forth which is the number one most root cause for those attacks so we the only one who’s who’s giving full visibility in inventory for non human identities and we’re the only
00:10:29
one who’s actually able to do abnormal behaviors I know there are other companies who claim they can do it uh we’re far more Superior so if someone from Africa is using your token to access your environment and you’re not doing business with Africa uh we’re going to detect that alert about that and prevent it if someone is Miss downloading non human identities from your vaults or so forth um another abnormal behavior we will be able to detect and prevent and we are doing that for our customers
00:11:00
uh we can enrich tokens uh create a visual lineage map of which application is using what token to access what service other vital data around it like with the human owner permissions uh static risk around them misconfiguration posture management uh so we’re doing quite a lot also automated remediation uh but for sure the visibility part abnormal behaviors part which is non identity detection and response and HR um and the fact that we Pioneer the market and the most mature with uh the biggest customer base out there uh
00:11:38
that’s definitely why we are the best and we will keep leading that market love that love that it’s great you got the whole end to endend set of capabilities there isn’t it from from understanding the visibility you know you can’t protect what you can’t see ultimately so you have to be able to find that stuff and obviously you know talk about behaviors and being able to visualize and everything else I think is uh a really really powerful way of thinking about it and I think probably
00:12:03
quite unique in being both a red teamer and a blue teamer having those both size of the coin is is probably quite quite rare in this this day and age that’s good end to end building a cyber security company as practitioner that’s uh yeah yeah it’s That’s Unique Journey it’s absolutely it’s real you fixing fixing the real real world problems uh it’s SI um thank you for for giving me the the update or giving us the update on on entro security I think this is a huge um huge
00:12:34
addressable problem um nhis workloads and others and I only see this Market getting bigger and bigger as organizations break down their their monolithic Services into microservices they use automation chatbots process automation etc etc it’s only going to get bigger and bigger and I I think it’s it is important to have an endtoend set of capabilities to help um both discover and control and remediate some of these issues so um it’s it thank you for for taking some time out to chat with me
00:13:08
today this has been another episode in our vendor introduction series um thank you I thank you for watching next time we’ll see you later thank you