Startup Strata Identity Inc. today debuted a new open-source tool dubbed Hexa that promises to simplify cybersecurity for organizations using multiple public clouds.

Boulder, Colorado-based Strata launched in 2019 and raised a $11 million funding round led by Menlo Ventures last year. The startup provides a software platform that helps companies secure their multicloud environments. Hexa, the open-source tool that Strata debuted today, focuses on the same task.

Organizations implement cybersecurity rules in their cloud environments to prevent unauthorized access to important systems. A company might, for example, implement a cybersecurity rule that specifies only members of the database team can modify database settings. Each application in a cloud environment has its own set of rules describing which user can access what feature and how.

The task of regulating user access to applications is carried out with a type of software known as an identity management system. The identity management system automatically ensures that only authorized users can access important applications and data. This eases administrators’ work but also creates complexity, which is the challenge that Strata’s newly announced Hexa tool aims to address.

Every major public cloud platform uses its own identity management system to help companies secure their workloads. Different cloud platforms’ identity management systems are often incompatible with one another. As a result, an organization using three different cloud platforms must use three separate identity management systems to secure its applications.

Hexa simplifies the task. The tool makes it possible to define policies specifying which user can access what application and how in a syntax dubbed IDQL. Once a user access rule is implemented in the IDQL syntax, the rule can be centrally applied across all three major cloud platforms. Developers don’t have to create a separate version of the same rule manually for each cloud platform’s identity management system.

One benefit of Hexa is that the tool can save a significant amount of time for developers. Instead of writing multiple versions of each user access rule, software teams can focus on other tasks. 

Another benefit that Hexa can provide is a lower risk of cybersecurity inconsistencies. Usually, if a company wishes to implement a user access rule across three different cloud platforms, it would have to manually create three different versions of the rule. This increases the risk of human error: One of the three versions might accidentally be implemented incorrectly. Hexa removes the need to develop duplicate rules manually, which means that there are fewer opportunities for technical issues to emerge.

Reducing the risk of technical issues in a cloud environment reduces the risk of cyberattacks. Incorrectly defined application access rules can potentially be used by hackers to steal business data. If application access rules are enforced consistently, the risk of a data breach is lowered. 

“Just as Kubernetes transformed computing by allowing applications to transparently move from one machine to another, IDQL enables access policies to move freely between proprietary identity systems,” said Strata Chief Executive Officer Eric Olden. “IDQL and Hexa eliminate identity silos in the cloud and on-premises, by creating an intelligent, distributed identity system with one brain.”

Hexa has contributed IDQL and Hexa to the Cloud Native Computing Foundation, an industry group that manages many popular open-source tools. Strata says that the two technologies are supported by Kroger Co., S&P Global Inc. and a number of other organizations. 

Image: Strata Identity