Governing and managing cloud platform access

As cloud transformation accelerates, ThycoticCentrify’s cloud provider solution for AWS provides privileged access management capabilities to continuously discover and manage AWS EC2 instances in real time with password vaulting, access controls, and privilege elevation.

ThycoticCentrify has unveiled its cloud provider solution to centrally manage AWS billing accounts, identity and access management (IAM) accounts, and AWS EC2 instances in real time.


Organizations are rapidly moving in-house applications to the cloud, often taking a “lift and shift” approach to migrate virtual machines (VMs) and applications to their preferred cloud provider. In doing so, they often create several different AWS Accounts for each application project or department, where each AWS Account has its own root/billing account, IAM user accounts and service accounts, as well as those of the virtual machines (VMs) created to support the application. It’s difficult to manage AWS root/billing account credentials since any changes must be assisted by a human, and AWS best practice is to configure multi-factor authentication (MFA) for the account driven by AWS service enforcement. While automation tooling may integrate new AWS EC2 instances into a PAM solution, operations staff and auditors need a way to ensure and validate that all hosted VMs are accounted for and properly secured.


ThycoticCentrify’s cloud provider solution for AWS addresses these challenges by extending a set of existing PAM capabilities to automate continuous discovery of all AWS EC2 instances, providing full visibility of instances even in elastic auto-scaling groups. AWS root/billing accounts are vaulted for emergency access only, and interactive access to AWS Accounts via the AWS Management Console, AWS CLI, SDKs, and APIs is strictly controlled. AWS IAM accounts and associated Access Keys are eliminated or vaulted to reduce the attack surface, with SAML-based federated single sign-on providing a more secure and lower-maintenance alternative. Continuous EC2 discovery and post-discovery automations ensure complete and accurate visibility, and that EC2 instances and their privileged accounts are immediately secured and brought under centralized management.


“The cloud is a game changer when it comes to scalability and availability, but it has also changed the game for cyber-attackers looking to leverage new vulnerabilities created by disparate controls and resulting identity management challenges,” said David McNeely, chief technology officer at ThycoticCentrify. “Our cloud provider solution for AWS provides real-time visibility into cloud workloads as they are added and removed, automating privileged password and identity management that ensures administrative and access controls are enforced while reducing complexity and risk.”


The foundation of ThycoticCentrify’s cloud provider solution is a cloud-native “hub-and-spoke” architecture centered around the Centrify Platform and lightweight Centrify Gateway Connectors that enroll cloud workloads into the Centrify Platform. The solution can also auto-deploy Centrify Clients on discovered Windows and Linux instances for fine-grained access control, auditing, and visual session recording, as well as enabling password-less login, leveraging ephemeral certificates from the Centrify Platform via “Use My Account.”
