New Capabilities Correlate Threat Activity Across Developer Machines, Source Code Repositories, Identity Providers, and Cloud Infrastructure in One Unified Platform
Uptycs, provider of the first unified CNAPP and XDR platform, today announced the ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure Active Directory (Azure AD) to reveal suspicious behavior as the developer moves code in and out of repositories and into production. The result is an “early warning system” that allows security teams to identify and stop threat actors before they can access crown jewel data and services in the cloud.
Uptycs customers can track and analyze malicious activity across multiple attack surfaces from a single user interface (UI), including endpoints, cloud, containers, control plane for cloud and Kubernetes, and now code repositories like GitHub and identity providers like Okta and Azure AD.
Support for identity providers gives Uptycs the ability to tie together developer activity from their logged-in accounts, from their laptops, and into the cloud. These added capabilities improve threat detection and response, especially for security analysts investigating the severity and scope of an alert for incident response.
According to Gartner ®, “The attack surface of cloud-native applications is increasing. Attackers are targeting the misconfiguration of cloud infrastructure (network, compute, storage, identities and permissions), APIs and the software supply chain itself.”1 Moreover, cybersecurity attackers frequently steal credentials from developers and engineers that have access to important backend resources.”
Unlike siloed endpoint and cloud security solutions, Uptycs protects the entire arc of cloud-native application development, from the developer’s laptop to container runtime. With Uptycs, customers can reduce risk and prioritize responses to threats, vulnerabilities, and misconfigurations, as well as meet compliance mandates—all from a single UI and data model.
“Recent high-profile data breaches, such as LastPass and CircleCI, highlight the need to detect threat actors earlier in the kill chain before they move from a developer’s laptop into crown jewel data and services. This means giving security teams the ability to track threat activity across developer machines, source code repositories, identity providers, and cloud infrastructure,” said Ganesh Pai, co-founder and CEO of Uptycs. ‘Uptycs customers don’t have to choose between shifting left or right. They can shift up for unified security visibility and control over their modern attack surface—from laptop to cloud.”
Uptycs is at RSA Conference from at booth #0335 in the RSA South Expo Hall at Moscone Center in San Francisco.
Note: The ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure AD will be available to all Uptycs customers in Q2, 2023.
To learn more about Uptycs, please visit: https://www.uptycs.com
Resources
- Uptycs at RSA Cybersecurity Conference 2023 blog
- Gartner® Market Guide for Cloud-Native Application Protection Platforms
- CNAPP: Gartner® Market Guide for 2023 – 6 Key Takeaways
- Webinar: Why Not Both? Agent-Based and Agentless Workload Security
- Follow Uptycs on LinkedIn and Twitter
- Request a demo
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!
