ThreatKey is the only all-in-one security posture management platform. It secures both cloud infrastructure and SaaS applications, so you can focus on your business, not on keeping up to date with API updates.
ThreatKey's agentless technology connects in seconds, so you can start securing in minutes. Backed by our world-class support team, you can be confident that your security is in good hands.
ThreatKey detects, enriches, and surfaces security risk within interrelated misconfigurations and vulnerabilities in Okta and Google Cloud Platform. If an attacker were to gain access to an Okta account with administrative privileges, they could configure Google Cloud Platform (GCP) settings in a way that would allow them to bypass security controls (such as by modifying IAM permissions) – gaining access to sensitive data. ThreatKey correlates log information with infrastructure scanning alerts to these risks – detecting when sensitive configurations like IAM are modified. ThreatKey will alert you on the permissions modification, preventing a potential compromise of your cloud environment.
Your source code plays a critical role in building applications, making it crucial proprietary information of your business. Still, it is often left out of security discussions. If an adversary could evade certain security security controls within Okta as the result of a permissions misconfiguration, they may be capable of authenticating into your source code repository and could introduce software supply chain vulnerabilities. ThreatKey detects modifications to your Okta and GitHub controls to identify gaps in your security posture. ThreatKey will alert your organization to the permissions misconfiguration and provide remediation instructions to reduce your risk.
If you’re like many of our customers, you’ve probably adopted an infrastructure-as-code solution, like Terraform. Most businesses we work with control their complex cloud infrastructure definitions and policies through a central repository, often hosted on a version-control platform like GitHub. But what if your version control security is too lax? Could a compromised insider introduce malicious cloud assets that go undetected? ThreatKey detects misconfigurations in both Amazon Web Services and GitHub that could introduce additional levels of concern to your organization and increase operational risk.
If you’re a software business, your version control system is the nerve-center of your organization. But what if your GitHub controls are too lax? Could an insider threat or external threat actor introduce malicious code assets that go undetected? ThreatKey alerts to configuration risk from best practice within your organization and alerts within minutes of detecting an area of concern.
ThreatKey performs a comprehensive asset inventory of your cloud resources and analyzes them for interconnected vulnerabilities and misconfigurations. When your most important workloads require thorough security observation and inspection, ThreatKey will provide you with the visibility you require. Across your cloud application stack, ThreatKey can provide unparalleled introspection into your most concerning areas of cloud risk.