Patents Assigned to Oasis Security Ltd.
-
Patent number: 12641075
Abstract: A system and method for securing identity and access management (IAM) operations. One or more IAM operations are translated into control messages and transmitted to one or more outpost agents. Each outpost agent is configured to execute instructions of the control messages received by the outpost agent in order to execute an IAM operation or to relay the control message to another outpost agent. Results data indicating results of the IAM operations are received from the outpost agents to which the control messages were transmitted.
Type: Grant
Filed: September 16, 2024
Date of Patent: May 26, 2026
Assignee: Oasis Security Ltd.
Inventors: Barak Shelef, Yonatan Shafrir, Lior Galam
-
Patent number: 12621292
Abstract: Systems and methods for secure execution of operations. A method includes executing a control message generated by a system that is external to a computing environment, wherein the control message indicates at least a resource within the computing environment and an operation type of an operation to be performed via the resource, wherein executing the control message includes causing execution of the operation via the resource in order to generate operation results data. A secret is removed from a control message response in order to create a secured control message response, wherein the control message response is generated based on the operation results data. The secured control message response is transmitted to the system.
Type: Grant
Filed: September 16, 2024
Date of Patent: May 5, 2026
Assignee: Oasis Security Ltd.
Inventors: Barak Shelef, Yonatan Shafrir, Lior Galam
-
Patent number: 12568076
Abstract: A system and method for secure secrets correlation. A method includes transmitting a plurality of secret indices from a first system to a second system, wherein the plurality of secret indices correspond to a plurality of secrets stored within a computing environment, wherein the second system is deployed externally to the computing environment; receiving a plurality of non-secret identifiers from the second system; comparing the plurality of non-secret identifiers to the plurality of secret indices in order to determine comparison results; and transmitting the comparison results to the second system.
Type: Grant
Filed: July 30, 2024
Date of Patent: March 3, 2026
Assignee: Oasis Security Ltd.
Inventors: Barak Shelef, Amit Zimerman
-
Patent number: 12556386
Abstract: A system and method for secret rotation. A method includes rotating a first secret by switching a second secret with the first secret; verifying cessation of use of the first secret by at least one entity based on secrets use with respect to a plurality of identity objects, wherein each identity object corresponds to an identity utilized in a computing environment; verifying use of the second secret by the at least one entity based on the secrets use with respect to the plurality of identity objects; and disabling the first secret when the cessation of use of the first secret and the use of the second secret have been verified.
Type: Grant
Filed: January 15, 2024
Date of Patent: February 17, 2026
Assignee: Oasis Security Ltd.
Inventors: Barak Shelef, Dany Brikman, Amit Zimerman
-
Publication number: 20260039646
Abstract: A system and method for secure secrets correlation. A method includes transmitting a plurality of secret indices from a first system to a second system, wherein the plurality of secret indices correspond to a plurality of secrets stored within a computing environment, wherein the second system is deployed externally to the computing environment; receiving a plurality of non-secret identifiers from the second system; comparing the plurality of non-secret identifiers to the plurality of secret indices in order to determine comparison results; and transmitting the comparison results to the second system.
Type: Application
Filed: July 30, 2024
Publication date: February 5, 2026
Applicant: Oasis Security Ltd.
Inventors: Barak SHELEF, Amit ZIMERMAN
-
Publication number: 20260039679
Abstract: A system and method for secure secrets management. A method includes creating an inventory of a plurality of non-secret identifiers used by entities acting with respect to a computing environment; correlating between secrets of a plurality of secrets and non-secret identifiers of the plurality of non-secret identifiers based on data indicating use of the plurality of secrets and the plurality of non-secret identifiers with respect to the computing environment; detecting a secrets-based vulnerability with respect to at least one first secret of the plurality of secrets based on the correlation between the secrets of the plurality of secrets and the non-secret identifiers of the plurality of non-secret identifiers; and performing a remediation action to secure the at least one first secret based on the detected secrets-based vulnerability.
Type: Application
Filed: July 30, 2024
Publication date: February 5, 2026
Applicant: Oasis Security Ltd.
Inventors: Barak SHELEF, Amit ZIMERMAN
-
Publication number: 20250385901
Abstract: Systems and methods for secure execution of operations. A method includes executing a control message generated by a system that is external to a computing environment, wherein the control message indicates at least a resource within the computing environment and an operation type of an operation to be performed via the resource, wherein executing the control message includes causing execution of the operation via the resource in order to generate operation results data. A secret is removed from a control message response in order to create a secured control message response, wherein the control message response is generated based on the operation results data. The secured control message response is transmitted to the system.
Type: Application
Filed: September 16, 2024
Publication date: December 18, 2025
Applicant: Oasis Security Ltd.
Inventors: Barak SHELEF, Yonatan SHAFRIR, Lior GALAM
-
Publication number: 20250385900
Abstract: A system and method for securing identity and access management (IAM) operations. One or more IAM operations are translated into control messages and transmitted to one or more outpost agents. Each outpost agent is configured to execute instructions of the control messages received by the outpost agent in order to execute an IAM operation or to relay the control message to another outpost agent. Results data indicating results of the IAM operations are received from the outpost agents to which the control messages were transmitted.
Type: Application
Filed: September 16, 2024
Publication date: December 18, 2025
Applicant: Oasis Security Ltd.
Inventors: Barak SHELEF, Yonatan SHAFRIR, Lior GALAM
-
Publication number: 20250335557
Abstract: A system and method for determining identity ownership. A method includes identifying a plurality of interactions performed with respect to a plurality of computing identities, wherein each interaction is performed by a respective entity of a plurality of entities and with respect to a respective computing identity of the plurality of computing identities; aggregating the plurality of interactions in order to create at least one set of aggregated interactions, wherein each set of aggregated interactions includes a subset of the plurality of interactions performed with respect to one of the plurality of computing identities, wherein the plurality of interactions includes a plurality of modifications of data used to manage access activities of the plurality of computing identities; and determining an owner of each computing identity based on the at least one set of aggregated interactions, wherein the owner of each computing identity is one of the plurality of entities.
Type: Application
Filed: April 25, 2024
Publication date: October 30, 2025
Applicant: Oasis Security Ltd.
Inventors: Michael BRICKMAN, Yonit GLOZSHTEIN
-
Publication number: 20250291902
Abstract: A system and method for policy enforcement. A method includes extracting access properties for an access event from access data indicating the access event, wherein the access properties include a time of the access event and a source of a first entity which initiated the access event; correlating the access properties with entity data of a plurality of second entities in order to identify the first entity among the plurality of second entities, wherein the entity data indicates a source of each of the plurality of second entities at the time of the access event, wherein the source of each of the plurality of second entities is unique among the plurality of second entities; and applying a security policy based on the access event and the first entity identified as the entity which initiated the access event.
Type: Application
Filed: March 12, 2024
Publication date: September 18, 2025
Applicant: Oasis Security Ltd.
Inventors: Ido RAZ, Aharon FRIDMAN
-
Publication number: 20250260711
Abstract: A system and method for clustering. A method includes creating a matrix based on a first set and a second set, wherein the first set includes a plurality of distinct keys, wherein the second set includes a plurality of distinct values, wherein each distinct key is a key among a plurality of key-value pairs corresponding to a plurality of resources, wherein each distinct value is a value among the plurality of key-value pairs corresponding to the plurality of computing resources; clustering a plurality of keys of the plurality of key-value pairs based on the matrix in order to create a set of key clusters; and determining at least one computing resource cluster based on the set of key clusters, wherein each computing resource cluster includes a respective subset of the plurality of computing resources.
Type: Application
Filed: February 8, 2024
Publication date: August 14, 2025
Applicant: Oasis Security Ltd.
Inventors: Jonathan Moshe MONSONEGO, Noam MEEROVITCH, Yonit GLOZSHTEIN, Roey ROZI
-
Patent number: 12388862
Abstract: A system and method for clustering. A method includes creating a matrix based on a first set and a second set, wherein the first set includes a plurality of distinct keys, wherein the second set includes a plurality of distinct values, wherein each distinct key is a key among a plurality of key-value pairs corresponding to a plurality of resources, wherein each distinct value is a value among the plurality of key-value pairs corresponding to the plurality of computing resources; clustering a plurality of keys of the plurality of key-value pairs based on the matrix in order to create a set of key clusters; and determining at least one computing resource cluster based on the set of key clusters, wherein each computing resource cluster includes a respective subset of the plurality of computing resources.
Type: Grant
Filed: February 8, 2024
Date of Patent: August 12, 2025
Assignee: Oasis Security Ltd.
Inventors: Jonathan Moshe Monsonego, Noam Meerovitch, Yonit Glozshtein, Roey Rozi
-
Publication number: 20250007709
Abstract: A system and method for secret rotation. A method includes rotating a first secret by switching a second secret with the first secret; verifying cessation of use of the first secret by at least one entity based on secrets use with respect to a plurality of identity objects, wherein each identity object corresponds to an identity utilized in a computing environment; verifying use of the second secret by the at least one entity based on the secrets use with respect to the plurality of identity objects; and disabling the first secret when the cessation of use of the first secret and the use of the second secret have been verified.
Type: Application
Filed: January 15, 2024
Publication date: January 2, 2025
Applicant: Oasis Security Ltd.
Inventors: Barak SHELEF, Dany BRIKMAN, Amit ZIMERMAN
-
Publication number: 20250005129
Abstract: Techniques for identity management. A method includes creating a plurality of identity objects, wherein each identity object corresponds to an identity utilized in a computing environment; extracting common features from data retrieved from a plurality of data sources of a plurality of computing service providers, wherein each common feature is common to at least two of the identity objects; assigning metadata to each of the identity objects based on the common features; detecting a violation of an access policy with respect to at least one of the identity objects based on the assigned metadata; and mitigating the detected violation.
Type: Application
Filed: June 30, 2023
Publication date: January 2, 2025
Applicant: Oasis Security Ltd.
Inventors: Barak SHELEF, Amit ZIMERMAN, Dany BRIKMAN