Identity and access management platform company Opal Security today announced updates to its least privileged posture management platform to help customers identify and remediate risks.

Launched in April, Opal Security’s least privileged posture management platform allows security teams to better manage identity security in a standard security workflow by proactively detecting, prioritizing and calibrating over-provisioned access across organizations.

The updates today aim to take the service another step forward through the identification and remediation of risks inherent in broad group-based access and irregular access by detecting and prioritizing risky access and also offering native least privilege support for Snowflake.

Opal argues that though group services such as Okta, Microsoft Entra and Google Groups offer a simple way to provide role-based access to resources, managing access via groups comes with complications. Groups can become obsolete, the policies can be too broad and the number of groups can become unwieldy over time.

Group optimization, as provided in the update today from Opal Security, helps customers identify risks inherent in group-based access and take immediate steps to reduce the blast radius of over-provisioned, unused and accidental membership access.

Opal’s group optimization helps teams manage group access by identifying and removing users and resources that are no longer active, deleting obsolete groups, renaming those that do not follow naming conventions, and resolving hierarchy issues such as deeply nested or circularly referenced groups to prevent unintended access management problems.

For each group risk identified, Opal’s extended service allows for immediate action in just a couple of clicks. Using the feature, IAM or security teams can remove users from groups they are not leveraging, remove resources from groups that are not being used, or convert access to just-in-time with an expiration date for access.

Also added to the platform today was expanded irregular access screening. The platform now leverages machine learning to identify irregular access, such as access patterns that do not conform to usual patterns. The platform detects these anomalies by combining variables such as job function and team, nature of access, resource attributes and access graph topology.

Lastly, Opal Security’s first-party Snowflake integration allows security, infrastructure and information technology teams to manage and remediate access to Snowflake Roles and resources such as databases, schemas and tables. The integration helps address issues around managing Snowflake’s customizable access controls and mitigating risks.

Opal enables teams to implement and maintain least privilege in Snowflake environments by managing access to Snowflake Roles and Securable Objects at a granular level. Teams can also enable just-in-time access and enforce policies such as multifactor authentication to reduce risk.

“With this new set of features, we empower teams to properly mitigate more types of identity risk, move away from point-in-time audits managed by arbitrary teams and get to an ongoing flow within a comprehensive security strategy,” said founder and Chief Executive Umaimah Khan. “We believe this is the very beginning of an overall shift toward identity being a primary lens and focus for security teams as data and applications spread across SaaS, cloud and self-hosted infrastructure.”

Opal Security is a venture capital-backed startup that has raised $32 million over three rounds. Investors include Greylock, Battery Ventures, BoxGroup LP, Aviso Ventures and SVCI.

Image: Opal Security