Case Study: How Rezonate Secures a Large Insurance Company from Identity Threats

featured_img_22x

Contents

10
Mins deployment
35%
removal of critical identity risks on day 1
80%
of admin privileges removed
15
infra configuration changes removed
40%
of high-risk identities and tenants

“It is about ensuring the right individuals
and machines have the right access,
use it appropriately, remain uncompromised,
and are not exploited by hackers”  

CISO, July 15, 2023

About the Client

Our client, a large insurance company, used multi-cloud platforms and critical SaaS tools to streamline vast operations and third-party collaborations. As their digital interactions increased, governing identity and access security became more complex. Therefore, the company needed a more transparent view of identity and access security in real time. It became an essential requirement for them to detect and zoom into specific misconfigurations, and they needed an identity tool to help pinpoint elements that weren’t aligned with their best practices. 

The Challenge

For our client, the challenge lies in managing identity across a multitude of tools, environments, and processes like authentication, authorization, monitoring, and risk management. It’s not just about general security; it’s about ensuring the right individuals have access, use it appropriately, and are not compromised or exploited by hackers. The insurance company needed a specialized system for identity management, bridging IT and security, which is where Rezonate came in.

The Solution

Rezonate took a dual approach to help the insurance company surgically detect and address vulnerabilities before they escalated. 

As their CISO noted, “On the one hand, Rezonate offers proactive insights, helping us plan and improve. On the other, its reactive system not only profiles identity risks based on privileges, behaviors, and security controls but also incorporates UEBA (User and Entity Behavior Analytics) for the cloud, enhancing detection and response capabilities. It acts as an early warning system, alerting me to vulnerabilities and potential attacks that, if left unchecked and exploited by adversaries, could wreak havoc.”

“As the CISO overseeing our insurance operations, I’ve come to deeply appreciate
the granularity and precision of Rezonate’s identity-centric security platform.
It’s not just about broad strokes; Rezonate dives deep.”

CISO, July 15, 2023

Unparalleled Visibility and Real-time Insights
“Within a mere 15 minutes of deployment, Rezonate granted us an unprecedented view into our environment. Given the vast number of developers, DevOps, and partners in our organization, each with unique access privileges and the capability to grant further access, the landscape can become a minefield of hidden risks. Rezonate’s ability to swiftly calculate and expose these hidden access paths and potential vulnerabilities is unmatched. Beyond just a general overview, it provided intricate details of user and machine access paths across various tools and environments.”

Comprehensive Identity Protection with a Dual Approach
“Rezonate’s dual approach, combining proactive and reactive strategies, is a game-changer. By analyzing both the IAM infrastructure and real-time activity, it generates a risk score that indicates the likelihood of an identity being compromised. This has empowered my team and me to swiftly identify and prioritize the most critical identities, enabling us to take immediate remedial actions. The detailed storylines, spanning across platforms like Azure AD, AWS, and Snowflake, have been instrumental in surgically addressing issues.”

Contextual Detection and Response
“The ability to detect and understand suspicious activities in context is a revelation. Rezonate doesn’t stop at identifying a compromised identity; it provides insights into the potential damage radius and predicts the attacker’s next moves based on existing misconfigurations. This contextual understanding is pivotal in preemptively addressing vulnerabilities before they can be exploited.”

The Results

“Rezonate stands out as a fusion of platform visibility, activity monitoring, posture, and threat management, all scaled to fit large organizational ecosystems.”

CISO, July 15, 2023

Identity SecOps Optimization

  • MTTD/R to “access risk” – Drastically reduces the MTTD/R access risks.
  • Reduces window of exposure – Shortens the time frame of an exposure/high-risk identity.
  • Faster than hackers – Swiftly identifying and addressing vulnerable identities before they can be exploited.
  • Automated remediation – Automation streamlines the remediation process, allowing you to make efficient privilege and access decisions.

SOC and Response Optimization

  • Enhances security visibility – Spot attacks early, understanding identity threats and lateral movements, leading to timely, informed actions.
  • MTTD – See an attack in its earliest stages, both on attempts and already compromised identity privileges abuse.
  • MTTU – Understand lateral movements of attacks across identities and systems and how to respond in real time.

CISO’s Final Thoughts

“As a CISO, I think Rezonate is the optimal tool to seamlessly integrate identity programs across various functions, from IT and DevOps to SOC and Security Engineering.”

CISO, July 15, 2023

The urgency for a specialized identity and access security solution was palpable for the insurance company, as it is for DevOps, CISOs, SecOps, and IAM Engineers in all industries.

Rezonate’s holistic program allows your business to unearth and rectify nuanced weak identity security practices, ones that might slip under the radar but can drastically impact access capabilities. Gain total visibility with Rezonate’s radically simple solution.

See Rezonate in Action

Eliminate Attacker’s Opportunity To Breach Your Cloud today

Organizations worldwide use Rezonate to protect their most precious assets. Contact us now, and join them.