Cloud Security
CIEM (Cloud Infrastructure Entitlement Management)
Also known as: Cloud entitlement management
Definition
A discipline and tooling category that discovers, analyzes, and right-sizes the identities and permissions that exist inside cloud environments.
Examples
- Detecting a developer role that can iam:PassRole into a production admin role.
- Generating a least-privilege IAM policy from 90 days of CloudTrail activity.
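The second example above, sketched as code. This is an added illustration, not taken from any CIEM product: the role ARN, the granted-action set, and the CloudTrail records are constructed sample data, and the mapping from eventSource and eventName to an IAM action is a simplifying assumption that does not hold for every AWS service.

```python
import json
from datetime import datetime, timedelta, timezone

ROLE_ARN = "arn:aws:iam::111122223333:role/dev-role"   # constructed
NOW = datetime(2024, 6, 30, tzinfo=timezone.utc)       # fixed "today" for the sample
# Constructed: actions the role's current policy allows.
GRANTED = {"s3:GetObject", "s3:PutObject", "s3:DeleteObject",
           "ec2:DescribeInstances", "ec2:TerminateInstances"}

def _event(time, source, name, role=ROLE_ARN, error=None):
    """Build a minimal CloudTrail-shaped record (constructed sample data)."""
    rec = {"eventTime": time, "eventSource": source, "eventName": name,
           "userIdentity": {"type": "AssumedRole",
                            "sessionContext": {"sessionIssuer": {"arn": role}}}}
    if error:
        rec["errorCode"] = error
    return rec

EVENTS = [
    _event("2024-06-01T09:00:00Z", "s3.amazonaws.com", "GetObject"),
    _event("2024-05-15T10:30:00Z", "s3.amazonaws.com", "PutObject"),
    _event("2024-01-10T08:00:00Z", "s3.amazonaws.com", "DeleteObject"),  # too old
    _event("2024-06-10T11:00:00Z", "ec2.amazonaws.com", "DescribeInstances",
           role="arn:aws:iam::111122223333:role/other-role"),            # other role
    _event("2024-06-20T12:00:00Z", "ec2.amazonaws.com", "TerminateInstances",
           error="Client.UnauthorizedOperation"),                        # failed call
]

def used_actions(events, role_arn, now, days=90):
    """Actions the role called successfully inside the look-back window."""
    cutoff = now - timedelta(days=days)
    used = set()
    for e in events:
        issuer = e.get("userIdentity", {}).get("sessionContext", {}).get("sessionIssuer", {})
        when = datetime.strptime(e["eventTime"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        if issuer.get("arn") != role_arn or when < cutoff or "errorCode" in e:
            continue
        # Assumption: "<service>.amazonaws.com" + eventName == "<service>:<Action>".
        used.add(f"{e['eventSource'].split('.')[0]}:{e['eventName']}")
    return used

def right_size(granted, used):
    """Return (policy limited to granted-and-used actions, unused grants)."""
    policy = {"Version": "2012-10-17",
              "Statement": [{"Effect": "Allow", "Action": sorted(granted & used),
                             "Resource": "*"}]}  # resource scoping not attempted here
    return policy, sorted(granted - used)

if __name__ == "__main__":
    policy, unused = right_size(GRANTED, used_actions(EVENTS, ROLE_ARN, NOW))
    print(json.dumps(policy, indent=2), "\nUnused grants:", unused)
```

Unused grants are candidates for review rather than automatic removal: a 90-day window misses quarterly or break-glass operations, and some permissions are never recorded as their own CloudTrail event.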
Related terms
Cloud Security
The set of policies, controls, and technologies that protect data, applications, and infrastructure hosted in public, private, or hybrid cloud environments.
CNAPP (Cloud-Native Application Protection)
An integrated security platform that combines CSPM, CWPP, CIEM, IaC scanning, and runtime detection to protect cloud-native applications from build to runtime.
Identity and Access Management (IAM)
A discipline and set of technologies for defining digital identities and controlling which resources each identity may access under which conditions.
Principle of Least Privilege
A security principle that grants every user, process, or service only the minimum privileges strictly required to perform its function — no more.
Privileged Access Management (PAM)
A set of practices and tools that secure, control, monitor, and audit access to accounts and systems with elevated administrative privileges.
IAM Misconfiguration