Veza for AWS

Name: Veza
Price range: $

Securing data access for AWS services: compute, infrastructure, data, and SaaS applications. Modernize enterprise access governance with automated access certifications and access remediation. Streamline privileged access management. Manage AWS IAM entitlements. Implement data lake security for AWS Redshift, and access governance for 15+ AWS services.

Get started with a free trial

play

Identity-first, authorization-based approach to securing data. Map any identity — human or service account — through their effective entitlements to granular SaaS apps and data objects in any AWS service.

Understand, manage, and control access to AWS services, including EC2 instances, Redshift or RDS databases/tables, S3 buckets, customer-managed keys, and more. Veza’s identity-first platform makes it easy to understand who (Okta, Azure AD, AD, etc) can and should take what action on sensitive data residing across AWS services, including compute, infrastructure, data, SaaS, and more.

Why customers choose Veza for AWS

Achieved Security Competency, Available on AWS Marketplace

Veza has achieved the AWS Security Competency in the Identity and Access Management category.

Find Veza on the AWS Marketplace

Native support for 15+ AWS Services

Veza integrates with a full range of AWS resources and services, including Redshift, S3, EC2, EMR, DynamoDB, RDS, KMS, Tags, Control Tower, and more. Manage effective permissions across AWS services for identities in Okta, Azure AD and AWS IAM via IAM roles and policies (including bucket-level policies, service control policies, permission boundaries, etc.).

Enterprise-ready, identity-first security platform powered by authorization

Veza modernizes enterprise access governance processes like access reviews, access certifications, privileged access reviews, cloud IAM entitlement management, and data lake governance for teams across identity, IAM, risk, audit and compliance, privacy, and security engineering.

Choice Hotels Taps Veza for Securing Data in Its Evolving Multi-Cloud Environment

play

Veza brought something unique to the table that we had never seen before. And that really is the permission graph that lets us deeply understand the link between Okta to all of our different AWS accounts, to our databases, and Active Directory. We hadn't seen anything like that and to be able to visualize that in basically 30 seconds is truly amazing.

Jason Simpson | Vice President of Engineering, Choice Hotels

View the case study

Veza enables us to visualize and control the privileges of our employees and service accounts across multiple cloud service providers in a simplified, unified view. Bringing disparate authorization systems into a single tool is a game-changer from an audit and compliance perspective.

Matt Dodge | Director of DevOps and IT, LoanSnap

Using Veza, our security teams have gained valuable visibility across our systems - apps, infrastructure, and data, to better understand who can access what, helping drive stronger privileged access security practices.

Jenner Holden | CISO, Axon

Out-of the-box integrations with AWS

How customers use Veza for AWS

Comprehensive & actionable intelligence into granular permissions to AWS resources

Discover the effective permissions of identities to AWS Resources, through IAM policies, IAM groups and IAM roles. Identify users with excessive privileges, and perform AWS IAM analysis. Continuously scan for best practice IAM security violations.

Learn more

Manage and control privilege drift on AWS services

Actively monitor for configuration and authorization changes. Orchestrate rapid response to data security risks. Implement industry best practices to resolve issues as soon as they are detected.

Learn more

Visualize and manage effective permissions across AWS IAM and Cloud Services

Explore, query, and assess authorization at a granular level. Identify and eliminate excess entitlements, privilege, or dormant accounts.

Veza captures and interprets IAM groups, roles, and policies to map the relationships of human or machine identities to AWS resources.

Watch a demo

Build a strong identity access governance program

Ensure that no human or machine identity retains excess data privileges.

Veza renders complex IAM infrastructure into simple statements about the effective permissions of each identity, so your GRC teams can review access to data stored in AWS, approve or reject each effective permission, and certify the completed review.

Proactively find and remediate risks

Codify your ideal state for least privilege, compare it continuously against reality, and respond rapidly to any deviation.

Veza continuously audits your environments to detect data access risks that can undermine cloud security, compliance and governance. Cloud security engineering and governance teams can supplement Veza’s built-in insights by defining custom security violations. Violations can trigger workflows to automate remediation. For example, automatically create a ticket in JIRA to review any IAM user with no group assignments.