Mastering Least Privilege Access: The Art of Rightsizing Policies [APAC]

The massive scale of cloud environments leads to teams potentially managing millions of distinct identities at any given time across their organisation. As a result, security teams often struggle to implement and manage access policies that balance the integrity and security of their organisation’s network, users and data with the efficiency and effectiveness of their counterparts in the development and DevOps teams. Ideally, teams work to enforce least privilege access (LPA) strategies that focus on limiting access and privileges to only those that a given user, resource or service needs to do their respective work - and nothing more than that - but this can often be easier said than done. Join Rapid7's Cathal O’Neill and Tyler Terenzoni, where they’ll discuss the challenges that lead to excessive permissions and showcase how Rapid7 InsightCloudSec can help: - Identify key identity-related risk signals in real time across all your cloud environments. - Uncover toxic combinations that increase risk associated with a given identity. - Narrow the scope of investigation to prioritise remediation efforts based on likelihood of exploitation and potential impact. - Continuously review permission usage and intelligently recommend remediation policies to enforce LPA based insight into unused permissions and/or anomalous activity.