New Capabilities across the Veza Platform and Products – Role Engineering, Access Hub, New Integrations, and Access Profile Automation for next-gen IGA
PALO ALTO – December 03, 2024 – Veza, the leader in Identity Security, today announced the availability of Veza Access Requests product, enabling organizations to reduce the risk of identity-based threats with automated access policy intelligence for application access. Veza Access Requests ensures that users requesting access are automatically provisioned according to the principle of least privilege from day one. For the first-time ever, access requests are now built on the power of permissions – the purest form of access – to help organizations truly embrace identity transformation towards the principle of least privilege.
Manual and legacy access requests products are built on the classical method of assigning users to groups and roles. This is prone to inefficiencies and over-permissioning risks, creating challenges for IT operations teams and frustration for end users. The process of manually identifying the right system-specific roles is time-intensive, as roles are unique to each system and may provide sensitive access via permissions to data. The high volume of access requests compounds these challenges, often resulting in either rubber-stamped approvals, excessive permissions to data, systems and applications, or delays that hinder end-user productivity. Organizations need an automated, least privilege approach to access requests that reduces over-permissioning risk and improves productivity across the organization.
Scaling identity security has become essential as organizations aim to enable real-time, agile access across diverse systems. According to Gartner®, “The goal of identity-first security is to shift from a point-in-time configuration to real-time, dynamic enablement, which will include account provisioning and policy orchestration, with the right entitlements and attributes determined dynamically.” Veza Access Requests delivers to this vision by empowering organizations to dynamically determine and deliver least-privilege access exactly when needed, reducing risk and enhancing employee productivity.
“Veza provides our Identity and Access Management Cloud team an easy, self-service interface that enables them to visualize and understand privileged, over-provisioned and unused account access,” said Scott Thomas, Director, Identity and Access Management at Sallie Mae. “This helps ensure teams have the right level of access when they need it and confirms our identity footprint while reducing risk.”
“Traditional identity tools were built for a different era, before access was spread across so many different cloud services, SaaS apps, and on-premise systems,” said Tarun Thakur, Co-founder and CEO, Veza. “In the modern enterprise, identity teams need to deliver agile access for both human and non-human identities. Veza Access Requests makes this possible at scale, using AI and machine learning to determine the optimal roles that comply with policies and adhere to the principle of least privilege.”
Veza Access Request Overview and Differentiation
When a manager or employee requests access, Veza’s platform identifies the least privileged most secure role, obtains approval if needed, and provisions the access in the target system or application. Veza Access Requests works on the power of Veza’s Role Engineering capabilities to ensure that users requesting access are provisioned according to the principle of least privilege from day one. Veza Access Requests brings forward Access Profile Automation, our newest platform-level capability that brings together the permissions context from Veza Access Intelligence and automates the end-to-end process of creating Access Profiles needed for birthright and ad-hoc provisioning, now including access requests.
Access Requests are natively integrated with Veza’s Access Hub – a new interface – which allows managers to see access permissions across their team and manage access for their team members accordingly. Access Requests empowers managers to grant access to their employees, and for employees to request access in a self-service manner from a curated catalog of applications. This is complemented by just-in-time (JIT) access that keeps employees productive, but eliminates privilege creep with time-limited access. For the first time ever – end-users now interface with Veza for their day-to-day needs including reviewing, requesting, and remediating access.
New Product Capabilities for Identity Security Use Cases
As part of this release, Veza is also announcing new enhancements to its platform, including Advanced Access Intelligence, Advanced Access Reviews, expanded use cases for Access AI, advanced security for non-human identities (NHIs), and new Lifecycle Management features.
- New Advanced Access Reviews, powered by Access Intelligence, now adds innovative capabilities like risk metrics integrated into access reviews, Activity Insight to show the last time an application entitlement has been utilized by a user, Role Analytics to summarize the access and permissions to resources granted by roles, on-demand reviews for risk-based microcertifications, the Review Intelligence Policy Engine for richer automation of auto-decisioning of reviews, and multi-party, multi-level review sign-off.
- New integrations to target systems like Oracle E-Business Suite (EBS), MySQL, and PostgreSQL, Duo Security, Oracle HCM, Oracle JD Edwards expanding Veza’s catalog of native integrations. More importantly, we now have 90+ integrations that are fully built by our Veza customers highlighting our commitment to empowering users with flexibility and extensibility (for application onboarding, for access reviews, and for access request).
- Veza Access AItm now includes using natural language to search most relevant risks from Veza’s out-of-the-box access risk dashboards tied to most urgent identity security use cases, including ISPM, ITDR, SSPM, NHI security, and IAM hygiene.
- New Advanced Access Intelligence featuring Role Engineering capabilities – role mining, role analytics, role recommendations, and role definition.
- Veza Activity Monitoring is now available for Microsoft 365 SharePoint, allowing security and identity teams to see which users and roles are actually using their granted access (over-privileged access score).
- Veza Lifecycle Management has added support for Oracle HCM, HiBob, Beeline, and Okta as sources of identity as well as Oracle Fusion, GitLab and generic SCIM-based applications for provisioning and deprovisioning. A new user interface featuring Veza’s unique identity-centric view and visual policy builder supports customer Joiner-Mover-Leaver scenarios.
- Out-of-box Access Intelligence dashboards for identity security use cases CIEM, ITDR, SSPM, and ISPM
Learn more
- Meet Veza Access Requests Product: https://veza.com/product/access-requests
- Access Requests launch video: https://youtu.be/k99t7KRS1C8
- Sallie Mae Customer Case Study: https://veza.com/resources/sallie-mae-case-study/
- Veza Activity Monitoring: https://veza.com/product/activity-monitoring/
- Veza Access Platform: https://veza.com/product/
Citations
Gartner, Market Guide for Identity Governance and Administration, Nathan Harris, Rebecca Archambault, Brian Guthrie, Paul Mezzera, 26 August 2024
GARTNER is a registered trademark and service mark of Gartner, Inc and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
About Veza
Veza is the leader in Identity Security, helping organizations secure access across the enterprise. Veza’s Access Platform goes beyond identity governance and administration (IGA) tools to visualize, monitor, and control entitlements so that organizations can stay compliant, achieve least privilege, and de-risk the breach. Global enterprises like Wynn Resorts, Expedia, and Blackstone trust Veza to manage identity security use cases including privileged access monitoring, non-human identity (NHI) security, access entitlement management, data system access, SaaS access security, IAM hygiene, identity security posture management (ISPM), and next-generation IGA. Founded in 2020, Veza is headquartered in Los Gatos, California, and is funded by Accel, Bain Capital, Ballistic Ventures, Google Ventures (GV), Norwest Venture Partners, and True Ventures. Visit us at veza.com and follow us on LinkedIn, Twitter, and YouTube.
Media Contact
Jared Blistein
jblistein@veza.com