Ermetic: Securing Identity and Data in the Cloud

According to the leading research organization Gartner, “through 2023, at least 99% of cloud security failures will be the customer’s fault, up from 95% in 2017.” It further says that most of the security failures by 2023 will be due to inadequate management of identities, access, and privileges. Hence, there is a need for solutions that help organizations enforce tighter, least privilege access policies across both user and machine identities to prevent data breaches across the popular cloud platforms such as AWS, Azure, and Google Cloud. California-based Ermetic delivers solutions that meet this criterion for comprehensive cloud security.

Ermetic’s solutions are highly relevant in today’s world that is highly dependent on cloud solutions and susceptible to cloud breaches. Its analytics-based security solutions automate detection and remediation of identity and access risks in Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) offerings from Amazon, Google, and Microsoft. 

The company’s solutions are capable of automatically discovering all human and machine identities in the cloud, and analyze their entitlements, roles, and policies throughout a lifecycle. It combines analytics with granular and full-stack insight. Through such technology, Ermetic enforced least privilege access at scale in the most complex cloud environments. 

Cloud Needs Protection

A recent study by IDC said that 80% of the companies have experienced at least one cloud data breach in the last 18 months. And 43% of these reported having experienced 10 or more breaches. The leading causes of this according to the 300 CISOs who participated in the study was security misconfiguration (67%), lack of adequate visibility into access settings and activities (64%), and identity and access management permission errors (61%).

To address this cloud problem, organizations need to have an identity-centric view of their cloud infrastructure. But security events can generate large amounts of data. So, in addition to having an identity-centric view, a solution needs to have an automated analytics and machine learning engine that can aid in identifying whether the entitlements have been assigned or being used in an inappropriate way.

Ermetic’s solutions are the cloud-native alternative that leverages the power of analytics to manage permissions and enforce least-privilege access to provide a comprehensive Cloud Infrastructure Entitlements Management. It leverages a continuous visibility into identities, entitlements, and data to power access policy definition, automation, and enforcement at scale. It aligns permissions with the actual business requirements to reduce the attack surface and flag suspicious data access.

Series A Round and A Great 2020

The Palo Alto company in July rallied support by raising $17.25 million in its Series A round of financing. The financing round was led by Accel, and saw the participation of Glilot Capital Partners, Norwest Venture Partners, and Target Global. These were the investors who had financed the company’s $10 million seed round. 

Ermetic said that the fresh funding would be used to scale research and development, go-to-market, sales, marketing, and customer support initiatives for its Cloud Infrastructure Entitlements Management platform. Andrei Brasoveanu, Partner at Accel who joined Ermetic’s board of directors said, “With the wide-scale adoption of cloud services by organizations, protecting these infrastructures is critical. But managing entitlements is too massive and complex a problem to address manually or without the right tools.” 

“Ermetic has developed a purpose-built solution that addresses this large market opportunity and is led by a proven management team. I look forward to working with the team to quickly establish Ermetic as a leader in this space,” he added.

In a short space of time, Ermetic has garnered a reputation for itself as a pioneer in cloud security. Its cloud access risk security efforts were recognized as Gartner named it as a Cloud Infrastructure Entitlements Management Vendor in its 2020 report Managing Privileged Access in Cloud Infrastructure.

The Leader

Shai Morag, CEO and Co-Founder

He has over 20 years of experience in product management, technology leadership and senior executive experience. Prior to Ermetic, he was the CEO of Secdo, a cybersecurity company he led from its establishment to its successful acquisition by Palo Alto Networks for $100 million in just three years. He has also served as the CEO of Integrity-Project. He led the company to significant growth and an acquisition by Mellanox.

He has also served as an officer in the IDF Intelligence Corps Unit 8200. Here, he held various roles in management and product development and also won national awards for excellence.

He is a graduate of the Talpiot program and has an MBA from Tel-Aviv University.

“Founded in 2019, Ermetic is led by a team of industry veterans and backed by leading cyber security investors.”

“Ermetic leverages continuous visibility into identities, entitlements and data to power access policy definition, automation and enforcement at scale.”

“Through advanced usage analytics, Ermetic aligns permissions with actual business needs to reduce the attack surface and flag suspicious data access.”