Arnica logo

New Feature: Automated Developer Permissions Management | Arnica

Correctly and continuously applying least-privilege without disrupting legitimate permissions requires a complex and mathematical approach. Arnica delivers a best-in-class solution to least-privilege permissions management by automatically identifying and mitigating excessive permissions, automating permissions request approvals, and simplifying the ability to review any permissions changes on-demand. By also integrating with Slack and Teams, Arnica gives developers the ability to manage and request permissions in the tools they already use and get permissions in a matter of seconds.

What user pains exist?  

DevOps and Security teams struggle with having to continuously manage permissions toward least privilege, which is complicated, time consuming, and operationally high-risk. Compliance requirements amplify these challenges by dictating, quarterly, or annual reviews of effective controls on permissions. And beyond that, any solution that touches developers or code must not disrupt developer velocity.  

Automating permissions  

Security teams building out application security programs are faced with having to apply the principle of least-privilege to code repositories and developer tools. However, the dynamic nature of developer access requires a continuous approach to monitoring, granting, and reducing permissions.  

Compliance requirements

Companies that are regulated under compliance regimes such as SOC2, FFIEC, SOX, and others, are scrutinized by external auditors that require regular reporting – quarterly, or annually – proving sufficient controls to achieve least-privilege for developer permissions.  

Developer disruption

For security leaders building an application security program, there is a golden rule: don’t harm developer velocity. No security team wants to deal with the fallout from making developers’ lives miserable with burdensome security controls that get in their way. That is why security products built with developer velocity in mind are more likely to be adopted and maintained. The fact that developers are revenue generating and security is a cost center is clear.  

What we built  

Arnica builds a graph of the behavior of all identities within the developer tools, and then determines which permissions are actively used or inactive and excessive, which allows us to reduce and mitigate excessive permissions with a single click. Also with a single click, every operation can be reversed to its previous state thus dramatically reducing the operational risk to run Arnica.

Automated permissions management

Arnica relies on our proprietary behavioral graph to identify excessive permissions in real-time, giving users the ability to take manual one-click or automated policy-driven action to continuously update permissions to least-privilege.  

Permission reviews, easily  

Permissions audits are a core part of a number of compliance frameworks including FFIEC, SOC2, SOX and others. Arnica empowers security teams to be able to easily prove the continuous management of permissions to least privilege while removing dozens of work hours associated with manual permissions reviews.  

Happy developers, but secure  

Permissions are managed in Arnica without requiring any development work. However, developers do have the ability, with Arnica, to manage and request permissions easily through Slack, eliminating burdensome, time-consuming permissions requests processes that slow development velocity.  

About Arnica

Enterprises today are faced with the need to harden their DevOps ecosystem to combat the proliferation of Software Supply Chain Attacks. These organizations are faced with the growing challenge of balancing development velocity, cost efficiency, and security.

Managing excessive developer permissions and identifying corresponding anomalous behavior are two obstacles in the way of establishing this equilibrium. Arnica was established to solve these obstacles by providing a seamless and frictionless active mitigation platform for exactly these issues and more. Arnica is the easy button for DevOps security.

Arnica analyzes excessive permissions, code risks and misconfigurations across the developer toolset and mitigates them.

Contact Arnica Press Team