M
Privilege Access Management

Out of the box Multi-Cloud Privilege Access Management (PAM) solution for AWS, GCP and Azure.

Identity Analyzer

Visualize, detect, prioritize, and remediate identity risks.

Integrations

Connect Procyon with the tools you already use and love.

How it works

Secure, cloud-centric privilege acces management platform provisioning acces to user through a self service portal.

Self-Service Page Icon
Self-Service Portal

Minimize your organization’s attack surface and secure your sensitive data by limiting who gets access and when.

Passwordless Access

Scale faster and stop credential sprawl by eliminating shared accounts and static credentials that are challenging to track.

Compliance

Visibility into every resource, every user, and the policies that define and govern access in today’s dynamic multi-cloud landscape.

Cloud Identity Governance

Protect your cloud infrastructure by automating risk analysis for all permissions granted to all resources across multi-cloud.

Kill Switch
Kill Switch

Terminate sessions immediately if suspicious activity is detected to stop any user, anywhere, anytime.

Kill Switch
Simplify Workload Management

Manage workloads at scale with centralized management.

Why Procyon

All Resources
Blogs
Press Realeases
News & Articles
Videos

Company

Behind the Breach: Understanding the Sisense Cybersecurity Incident and Securing Credentials

April 26, 2024

The Sisense Breach: Why Strengthening Credential Security is Priority

In today’s interconnected digital landscape, cybersecurity breaches have become an unfortunate reality. In April, the U.S. Cybersecurity and Infrastructure Agency (CISA) sounded the alarm, highlighting a significant data breach impacting Sisense customers. Sisense, renowned for its business intelligence solutions, suddenly found itself embroiled in a cybersecurity crisis, prompting urgent concerns about data security and the protection of sensitive information.

The breach at Sisense was not just another cybersecurity incident; it had far-reaching implications for both the company and its customers. According to reports, attackers gained unauthorized access to Sisense’s self-hosted GitLab environment, from where they exploited an unprotected token to infiltrate the company’s Amazon S3 Buckets. This breach resulted in the exfiltration of several terabytes of customer data, including millions of access tokens, passwords, and SSL certificates.

 

The Impact of the Sisense Breach

The implications of the breach stretch far beyond Sisense’s internal networks. The theft of credentials, tokens, and access configurations not only jeopardizes the data housed within Sisense but also compromises data across connected services. This encompasses cloud platforms such as Salesforce, Azure Blob, Amazon S3, Amazon RDS, GitHub, Google, Box, and more. Additionally, Sisense’s capacity to establish JDBC and SSH connections to data sources on unmanaged or on-premises servers further compounds the breach’s reach.

For Sisense customers, the breach presents a significant threat. With compromised credentials, bad actors could potentially access sensitive data within their Sisense environments. While the exact contents of the stolen data remain unclear, they may encompass a broad spectrum of information, including financial data, personally identifiable information (PII), customer data, HR records, and more. This ambiguity underscores the urgency for affected organizations to promptly address risks and fortify their data assets

The fallout from the breach extends beyond Sisense and its clientele. With potentially over 1,000 companies affected, spanning startups to multinational corporations across diverse sectors, the risk of subsequent attacks looms large. The stolen credentials could empower attackers to breach additional cloud environments containing consumer data, amplifying the threat landscape and intensifying concerns regarding cybersecurity resilience.

 

Steps You Can Take to Secure Credentials

In the wake of the Sisense breach, securing credentials has emerged as a critical imperative for organizations seeking to fortify their cybersecurity posture. Sisense’s Chief Information Security Officer (CISO) circulated an advisory to customers, providing recommended steps to follow.

 

Source: @marcwrogers

 

The Procyon Approach to Securing Credentials

Procyon, the leading On-Demand Authorization platform, offers a comprehensive solution designed to address the evolving challenges of credential management and access control in today’s digital ecosystem.

Here’s how Procyon can help you secure your credentials:

  • Replace Long Standing Privileges with Just-In-Time (JIT) Privileges: Reduce your organization’s exposure to attacks by restricting access and limiting privilege escalation. Procyon’s self-service portal empowers developers to request access on demand, ensuring that only authorized individuals gain entry when necessary.
  • Embrace Passwordless Authentication: Transition to a passwordless approach to mitigate the vulnerabilities associated with shared accounts and static passwords. With Procyon, developers and security teams can combat credential theft since it does not store the credentials anywhere and deletes any trace of the credentials, thus strengthening security measures and simplifying access management.
  • Revoke Access: Equip your organization with the capability to swiftly and decisively revoke access privileges. Leveraging Procyon’s TPM-based robust user and device identification, along with geolocation and session data analysis, enables proactive detection of insider threats and unauthorized access attempts. With features like kill switch protection and anomaly detection, organizations can terminate active sessions with confidence and preempt breaches.
  • Streamline Multi-Cloud Identity Governance: Automate risk assessments and privilege control across diverse cloud environments to simplify the management of cloud infrastructure security. Procyon offers a seamless solution for cloud IAM operations, utilizing cloud-native APIs to dynamically manage and scale permissions, thereby reducing operational overheads and fortifying security protocols.
  • Secure Code Repositories: With Procyon, you can effortlessly safeguard code repositories. By integrating the repository with IDWall, access is restricted to trusted users only. Procyon also facilitates the implementation of signed commits to ensure that only authorized individuals make changes to the code. Furthermore, administrative modifications to the repository, including access controls and external web hooks, are meticulously tracked, allowing for accurate attribution of actions to the appropriate users.

 

Get a Demo

Want to know more about our product? Schedule a personalized demo today.