.png)
Opal is now available in the AWS Marketplace, so organizations can purchase Opal using AWS credits and benefit from simplified procurement and billing. The platform has enabled enterprises to manage and secure complex multi-account environments.
Use Cases
Reduce anomalous access
With Opal, security teams can visualize access to AWS and prioritize risk based on inactivity, access type, employee departments, and more. With this visibility, security teams can remediate risk with one click to revoke or convert longstanding access to time-bounded access.
Just-in-time access to production
The explosion of the cloud has made it easier than ever to create infrastructure, even for teams outside of software engineering. While this has enabled innovation, it has also led to permission sprawl, increasing the risk of insider threats. Opal makes it easy to reduce over-provisioned access but allows developers to request just-in-time access for engineering permissions. Developers can browse a self-service catalog, and resource owners can quickly approve and provision access via Slack.
Dynamic credential generation
Traditional PAM tools slow developers down by forcing them to check out credentials in a centralized vault. Instead of checking out credentials in a shared vault, Opal enables developers to quickly generate federated and auto-expiring credentials.
Automate on-call access
Managing engineering permissions for on-call rotations is hard. Companies must make the difficult trade-offs between security and agility. Opal has partnered with PagerDuty to build a new solution. DevOps can create resource bundles in Opal and dynamically grant and revoke access based on PagerDuty schedules. This ensures that privileged access to production should only be granted during the appropriate time – without adding operational burden. Companies can save money by buying a flexible pool of licenses reserved for engineers who are on-call rather than the entire engineering department.
Technical architecture
By integrating natively with AWS organizations and IAM Identity Center, Opal seamlessly manages multi-account environments. The agentless solution deploys in minutes and can be configured with Opal’s rich APIs and Terraform provider. This enables access policies at scale, and organizations can quickly onboard AWS accounts already managed by Infrastructure-As-Code.
About Opal
Opal is the unified identity platform for modern enterprises. Opal aggregates identity and access data to provide visibility and defense-in-depth infrastructure for mission-critical systems. Enterprises can discover anomalous identity risks with the product and remediate them in minutes. The world's best companies trust Opal to govern and adapt sensitive access.
Want to see it yourself? Contact sales@opal.dev or book a meeting here for a personalized demo.
Eugene Ling
