Permission Usage Analysis for AWS

When is a “deny policy” the wrong move? Or, in other words, when should a “deny” be denied?

Panoptica’s CIEM capability for AWS provides mitigations that prevent the use of risky permissions by risky roles. However, some of those roles may have legitimate purposes, in which case, denying their use of those permissions may have adverse effects.

Our new permission usage analysis feature helps apply the principle of least privilege, by identifying which permissions are being used by which roles. By analyzing your AWS accounts’ CloudTrail data, Panoptica provides visibility into how permissions are being used, and how denying them could impact the functionality of affected users, applications, and services.

See Entitlement Management for more information.