10 Best Startups to Watch 2022

Ermetic – Leveraging Identity-First Cloud Security Platform That Gives Full Visibility and Context to Understand Security Risks


Planning your migration to the public cloud is never complete without your business becoming familiar with the many powerful security measures the major cloud platforms offer to safeguard our new highly scalable environments - and being able to efficiently manage identities of all staff and access rights to resources is just as critical to ensure secure access to the resources your staff need, when they need it. With digital transformation via cloud computing making it possible to have flexible access to apps and data anywhere at any time, it's crucial that identity is on the same level as security – which is why it is so closely linked. Having the right capabilities to safeguard your new adoption of cloud technology and protecting information confidentiality should be a business-critical objective for every organisation, no matter the industry, and the first order of business is to leverage solutions that manage both.

Ermetic is one such identity-first cloud infrastructure security platform that provides holistic, multicloud protection in an easy-to-deploy SaaS solution. The company helps prevent breaches by continuously analyzing permissions, configurations and behavior across the full stack of identities, network, data and compute resources. Using advanced analytics to assess, prioritize and automatically remediate risks, Ermetic makes it possible to reduce your attack surface and enforce least privilege at scale even in the most complex cloud environments. The company is led by proven technology entrepreneurs whose previous companies have been acquired by Microsoft, Palo Alto Networks and others. Ermetic has received funding from Accel, Glilot Capital Partners, Norwest Venture Partners, and Target Global.

Industry-Leading Cloud Security Solutions Furnished

Cloud Infrastructure Entitlements Management (CIEM): CIEM is the essential next step in your cloud security strategy. CIEM solutions constantly monitor human and service identities, permissions, and activity. Applying analytics and machine learning, CIEM continuously analyzes risk and generates least privilege access policies. Ermetic provides a holistic solution from asset management through anomaly detection and compliance that enables Security and DevOps teams to work together seamlessly. See and mitigate the toxic scenarios that put your data at risk and enforce least privilege – improving your cloud security posture and maturity. To successfully manage your cloud security posture, you need to go deep on identities. Ermetic helps organizations manage all their cloud entitlements, remove excessive permissions and reduce the attack surface.

Cloud Security Posture Management (CSPM): Cloud Security Posture Management (CSPM) helps organizations determine that their cloud applications and services are securely configured. It offers a broad view of network, data storage and API settings. CSPM acquires configuration data from the cloud services in use and monitors the data continuously for risk. It can also analyze against compliance benchmarks to detect vulnerabilities, threats, and account hygiene violations. The Ermetic Platform combines a complete set of identity-first capabilities in one unified product. The result is 360-degree context for automating the detection and mitigation of your cloud security risks. For example, understanding if a sensitive data store is vulnerable to attack requires a holistic assessment of its access permissions, resource configuration and network configuration. Emetic continuously assesses, detects and mitigates identity and compliance risk in your cloud infrastructure.

Public Cloud Security: Governing access entitlements is essential for protecting applications and data in the cloud. Ermetic prevents cloud data breaches by automating the detection and remediation of identity and entitlement risks in AWS, Microsoft Azure, and Google Cloud. It automatically discovers all user and service identities, and analyzes their entitlements, as granted by roles/scope and policies, using a continuous lifecycle approach. By combining analytics with granular, full stack insight, Ermetic makes it possible to enforce least privilege access at scale in even the most complex public cloud environments. With Ermetic, you can continuously analyze excessive permissions across your multicloud infrastructure, and define and enforce automated guardrails for identities, resources and network configuration – preventing unauthorized access to your cloud environment.

The Pre-Eminent Leader

Shai Morag is a co-founder and Chief Executive Officer of Ermetic. He has over 20 years of product management, technology leadership and senior executive experience. Before Ermetic, Shai served as the co-founder and CEO of Secdo, a cyber security company, where he led the company from its inception to a successful acquisition by Palo Alto Networks for $100M in only three years. Before Secdo, Shai served as the CEO of Integrity-Project, a company specialized in connectivity, networking and security solutions. He led them to significant growth and an acquisition by Mellanox. Shai also served for 10 years as an officer in the IDF Intelligence Corps Unit 8200, where he held a variety of roles in management and product development, and won several national awards for excellence. Mr. Morag is a graduate of the Talpiot program and earned an MBA from Tel Aviv University.

“At Ermetic, we’ve pioneered an identity-first approach that gives full visibility and context to understanding cloud security risks. Ermetic gives the insight and scale that powers teams to be cloud security heroes.”