WALTHAM, Mass.--(Business-Driven Identity and Access Management solutions, today announced new capabilities that enable enterprises to utilize Identity and Access business context across a wider range of IT security areas.)--Aveksa, Inc., the leading provider of
“Aveksa is committed to providing enterprises with Identity and Access Management solutions that are business-driven and enable enterprises to increase the efficiency of their IT security initiatives while reducing overall security risks”
These new products leverage Aveksa’s unique Security Integration Fabric™, enabling enterprises to extend Identity and Access business context across many IT security-related areas. For example, Aveksa’s Identity and Access Management (IAM) solutions can now provide bi-directional interoperability with Security Information and Event Management (SIEM) systems, such as the HP ArcSight Security Intelligence platform.
With Aveksa’s new Business Insight for HP ArcSight, customers can now have access to the full business context for identities, users and activities, all within the HP ArcSight solution. By using the full set of identity information collected and maintained by Aveksa, enterprises can make better decisions, and better respond to today's security threats. For example, organizations can detect and alert policy rule violations, such as when a user from one department performs activities normally restricted to users from another department.
Specific new capabilities enabled within SIEM systems include:
- A consolidated view of identities across all key enterprise systems within HP ArcSight – unifying identity information across Active Directory, Unix, custom applications and traditional Identity Management systems
- Ability to automatically map cryptic application user IDs to easily understandable names, departments and roles
- Ability to categorize and detect critical events based on user context
- Ability to use Aveksa’s complete identity, entitlement and role information within HP ArcSight’s rules and reporting system
- Ability to “right-click” from within HP ArcSight and navigate directly to full user information within the Aveksa product
In addition, Aveksa’s new Activity Insight Manager leverages real-time activity and threat intelligence for true closed-loop validation and enforcement of enterprise access control processes. Enterprises can now detect granting or usage of sensitive entitlements, and validate whether they have been granted in compliance with corporate access request policies and processes. Unauthorized privileges will be immediately flagged, allowing for rapid follow-up and removal. New capabilities include:
- Real-time detection of sensitive entitlements and privilege changes
- Automated validation that detected access changes comply with access policies and processes
- Workflows for immediate escalation and remediation of unauthorized access rights
According to Gartner Analyst Mark Nicolett in his research report entitled Effective Security Monitoring Requires Context , “The rapid discovery of a breach is key to minimizing the damage of a targeted attack, but most organizations do not have adequate breach detection capabilities. The addition of user, data and application context to security event data will increase your ability to discern abnormal activity that is associated with a breach from the background noise of normal activity.”
“Aveksa is committed to providing enterprises with Identity and Access Management solutions that are business-driven and enable enterprises to increase the efficiency of their IT security initiatives while reducing overall security risks,” said Deepak Taneja, Founder and Chief Technology Officer, Aveksa. “The capabilities we are announcing today, leveraging Aveksa’s innovative Security Integration Fabric, allow enterprises to utilize Identity and Access business context across a wide range of critical IT security solutions, such as HP ArcSight’s SIEM solutions. By doing so, these enterprises can now have full visibility into who has access to what when making critical access and security decisions.”
For additional information about Aveksa’s new solutions for Security Information and Event Management, please click here.
Aveksa is the leading provider of Business-Driven Identity and Access Management solutions. Through its business-driven approach, the Aveksa platform provides a robust way for organizations to shift the accountability and responsibility for making access decisions away from Information Security, and out to the line of business, while enforcing policies and maintaining oversight. Aveksa achieves this by managing the complete lifecycle of user access to information resources through an automated, continuous process for access request, approval, fulfillment, review, certification and remediation. With Aveksa, IT organizations can reduce Access Management complexity and increase operational efficiency while minimizing risk and ensuring sustainable compliance. Many Global 2000 organizations in financial services, healthcare, retail, energy/utility, telecommunications, transportation, manufacturing and other industries rely on Aveksa to efficiently address their Identity and Access Management demands. For more information, visit www.aveksa.com.
 Source: Gartner, “Effective Security Monitoring Requires Context”; 16 January 2012.