The relationship between Azure RBAC, ARM, and Azure AD is challenging to understand and manage and can result in enabling thousands of permissions at varying levels of scope. Veza makes sense of the relationships between human and non-human users, groups, roles, the permissions assigned, and surfaces varying access levels to subscriptions, resources, and Azure data assets. This allows you to understand who (both inside and outside of Azure AD) can access what resource, and what action they can take on data in Azure in addition to services outside of the Microsoft ecosystem.
We needed to understand how users and service accounts have been entitled to specific data. Veza is the only tool I’ve seen that can show you both parts of the picture. One part is the people or accounts who are supposed to have access as part of a security group. And then there’s the flip side where you look at it from the data end and say, this is who also has access, and this is how that access was granted. It’s the clearest view I’ve ever seen for data access.
Steven Guy | VP, Security Solutions, InComm Payments
Get started with Veza
Sign up for a free trial or schedule a demo.