Uptycs, provider of the first unified CNAPP and XDR platform, announced the ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure Active Directory (Azure AD) to reveal suspicious behavior as the developer moves code in and out of repositories and into production. The result is an “early warning system” that allows security teams to identify and stop threat actors before they can access crown jewel data and services in the cloud.
Uptycs customers can track and analyze malicious activity across multiple attack surfaces from a single user interface (UI), including endpoints, cloud, containers, control plane for cloud and Kubernetes, and now code repositories like GitHub and identity providers like Okta and Azure AD.
Latest Insights: AiThority Interview with Luke Damian, Chief Growth Officer for Applause
Support for identity providers gives Uptycs the ability to tie together developer activity from their logged-in accounts, from their laptops, and into the cloud. These added capabilities improve threat detection and response, especially for security analysts investigating the severity and scope of an alert for incident response.
According to Gartner , “The attack surface of cloud-native applications is increasing. Attackers are targeting the misconfiguration of cloud infrastructure (network, compute, storage, identities and permissions), APIs and the software supply chain itself.”1 Moreover, cybersecurity attackers frequently steal credentials from developers and engineers that have access to important backend resources.”
Unlike siloed endpoint and cloud security solutions, Uptycs protects the entire arc of cloud-native application development, from the developer’s laptop to container runtime. With Uptycs, customers can reduce risk and prioritize responses to threats, vulnerabilities, and misconfigurations, as well as meet compliance mandates—all from a single UI and data model.
Latest Insights: AiThority Interview with Vova Kyrychenko, CTO at Xenoss
“Recent high-profile data breaches, such as LastPass and CircleCI, highlight the need to detect threat actors earlier in the kill chain before they move from a developer’s laptop into crown jewel data and services. This means giving security teams the ability to track threat activity across developer machines, source code repositories, identity providers, and cloud infrastructure,” said Ganesh Pai, co-founder and CEO of Uptycs. ‘Uptycs customers don’t have to choose between shifting left or right. They can shift up for unified security visibility and control over their modern attack surface—from laptop to cloud.”
Latest Insights: AiThority Interview with Ahmad Al Khatib, CEO and Founder at Qudo
[To share your insights with us, please write to sghosh@martechseries.com]
Comments are closed.