XM Cyber boosts identity risk visibility with continuous exposure management

XM Cyber has unveiled a series of platform updates designed to help organizations better manage identity risk in an era where AI-powered attackers are increasingly sophisticated. A recent Gartner projection underscores the urgency: “By 2028, 70% of CISOs will use identity visibility and intelligence capabilities to shrink the IAM attack surface, reducing the risks of credential compromise.”

One of the most common entry points for breaches is excessive permissions, a tactic frequently used for lateral movement across hybrid-cloud environments. The enhanced platform now enables teams to pinpoint where access can be right-sized according to least privilege access policies, while also linking identity risk to the broader array of exposures that attackers typically exploit.

“Least privilege access is a well-established principle for maintaining an effective security posture, but many organizations still struggle to achieve it due to the complexity of managing identities and access at enterprise scale,” said Boaz Gorodissky, CTO at XM Cyber.

“We’re adding granular visibility into access permissions and their actual usage so teams can quickly see whether elevated permissions across Active Directory, Entra, and cloud platforms are actually being used. If they aren’t, that’s a clear opportunity to remove permissions to reduce the attack surface and improve risk posture without disrupting operations,” Gorodissky added.

XM Cyber’s existing Continuous Exposure Management solution already delivers significant value to security and IAM teams by offering actionable intelligence on Active Directory and cloud configurations. The platform covers:

• Roles with excessive permissionsBy integrating permissions usage data into the platform, XM Cyber now enables faster, frictionless remediation workflows between IT, DevOps, and security teams. Security and identity professionals can surface excessive permissions that are validated as part of an attack path. Unused permissions can be revoked to shrink the attack surface or continuously monitored as part of an identity security hygiene process.The new capabilities include:
• Active Directory excessive permissions: Active Directory entities are evaluated to determine how frequently they use their permissions. This allows identity security practitioners to more easily decide whether a specific permission level is necessary and to provide the evidence needed to implement a fix. The result is faster risk reduction and closure of attack paths that exploit those permissions.
• Cloud Infrastructure Entitlement Management (CIEM): Entitlements for cloud entities are analyzed to offer a comprehensive view of usage patterns in large multi-cloud environments. This helps cloud security and DevSecOps teams make informed decisions when cleaning up overly-permissive roles, thereby boosting overall security posture and identity security hygiene.These enhancements provide critical context into how permissions are actually used across the enterprise. Identities, roles, and entitlements are constantly evolving, making it essential for security and identity teams to understand day-to-day usage when deciding which exposures to prioritize or whether privileges can be safely revoked.This added insight, embedded within XM Cyber’s broader Continuous Exposure Management offering, connects identity risk to the full range of exposures the platform already discovers and prioritizes. It gives organizations a clearer picture of how identity-related issues contribute to real attack paths across hybrid environments and where remediation efforts will have the greatest impact.