The Veza Voice – January Issue

Welcome to the Veza Voice, our monthly customer email where we share our latest and greatest product updates, tips, tricks, events and news.
This month’s newsletter includes:

Product Updates

Activity Monitoring for Snowflake

By linking identities directly to their effective permissions to data, Veza gives you a powerful tool for identifying and curtailing excess privilege. However, it’s not always easy to determine which permissions a user really needs, and which are excessive.

Activity Monitoring helps you answer that question by surfacing permissions that have remained unused for a set period of time (between 30 and 120 days). Available now for Snowflake, Activity Monitoring highlights dormant access to tables, views and databases, so that you can trim unnecessary privileges.

Use Activity Monitoring to:

  • Find and remove dormant permissions by understanding activity not just at the level of roles or systems, but at the level of the data objects themselves. With this level of detail you can move past the limiting nature of keep/remove decisions on a user’s roles, and actually right-size roles over time.
  • Prioritize clean-up with Over-Provisioned Score (OPS). OPS compares the user’s total number of permissions to databases, tables and views against the number of objects they’ve actually accessed over a configurable period of time, allowing you to identify and focus on your most over-provisioned users.
  • Know not just who can, but who did access your data. This fundamental expansion of Veza’s underlying dataset will continue to open up new future use cases in Security Operations, post-incident forensics, and more.

Activity Monitoring for Snowflake is now available. Please contact your Veza Customer Success team for more details.

Veza Integrations

As we continue to expand the reach of Veza’s Authorization Graph, we are always releasing new integrations for SaaS apps, data systems, cloud services and more. Newest additions include:

  • Veza for Coupa
  • Veza for Oracle Fusion Cloud
  • Veza for Salesforce

Reach out to your customer service manager to get started.

Veza releases new features every week. Bookmark our release notes page to see the latest and greatest.

Tips and tricks: Veza Rules

Alert fatigue is a common phenomenon among security professionals and can lead to real alerts losing significance and not getting the appropriate response. Veza’s Rules were designed to enable you to maintain corporate security controls by automatically tracking risks and monitoring authorization changes in your environment. Veza will only alert you to the situations that you’ve told us are outside of your established security baselines. Rules can help you monitor common security controls and industry best practices like:

  • Azure AD groups with no users
  • New AWS IAM access that is granted to privileged resources
  • The number of federated Okta users with delete access to AWS DynamoDB databases
  • Ensuring the number of employees with permissions for critical administrative tasks is >1 in case one becomes unavailable

Making Rules Actionable

Ensure your teams are alerted when access authorization changes occur through webhooks, emails, or external integrations:

  • Utilize webhooks to fit into existing business workflows such as updating an issue tracker in JIRA.
  • Create a service desk ticket through ServiceNow.
  • Send Slack notifications to your SecOps, Engineering or Data teams.

To learn more about working with Alert Rules in Veza, read our product guide here.


Meet the Veza team at:

  • Gartner IAM, March 20th-23rd, in Grapevine, Texas. Below is a preview of Veza’s activities during the conference; more details to come soon:
    • Veza is a Premier Sponsor, Gartner IAM.
    • Visit us at our booth in the exhibitor hall to hear the latest product updates and real-world customer stories.
    • Watch Veza experts present on the Gartner stage.
    • Network with Veza founders and executives during one of our intimate dinner events on 3/20.
  • Gasparilla Pirate Fest 2023 in Tampa, Florida on 1/28. RSVP here.
  • CloudWerx Event GCP in San Francisco, CA on 2/9.
  • NCAA Event, Idaho 3/3-8

Email for more details.


Table of Contents