enterprisesecuritymag

Anomalix: Identity and Access Management Simplified

CIO VendorMohammed Elkhatib, Founder & CEO
In today’s world, managed security and managed identity services go hand in hand. With the explosion of IoT, the definition of identity with respect to security is gradually becoming obscure as most services and devices have their own access control systems. Anomalix is one company that stands out in the market through its unique approach to identity and access management. “By leveraging our partner ecosystem, we cumulate best-of-breed technologies for security and identity on top of which we expose our APIs and apply our analytics,” says Mohammed Elkhatib, founder and CEO, Anomalix. The company brings together identity management and traditional cybersecurity, endpoint protection, and vulnerability management for the cloud through its analytical capability.

User Entity Behavior Analytics (UEBA), Anomalix’s proprietary solution, has the power to garner all historical identity events. UEBA collects identity data—like relationships (employees, contractors, partners and devices). The identity is monitored for changes and is correlated to the access a given Identity is required for job functions. Anomalix’s identity analytics solution captures and stores all identity data to optimize access management.

From a compliance and audit perspective, organizations face mandates both from a governmental standpoint as well as a corporate standpoint to identify who has access to what and whether or not that access is appropriate. This is where Anomalix comes into play, collecting identity, access, and event related information in order to analyze data of the highest sensitivity, but more importantly, quickly spotting anomalies concerning authentication, peer group behavior, access requests, security investigation, and vulnerability.
Furthermore, Anomalix renders managed security services that can detect signature-less attacks on endpoints as well as within a network. In this regard, the firm works proactively to figure out the intricacies of the network so it can establish behavior trends for usage. In the process, it also understands how internal and external network traffic interact with data and identifies anomalies and lateral movements. Anomalix seeks to build a clear picture of risks and vulnerabilities in customer networks and cloud environments to identify looming threats. To this end, the team divides structured and unstructured data and applies risk to data exposure based on which they can gain visibility into customer databases and subsequently govern the identification and classification process.

Our user interface allows administrators to not be specialists but more of generalists, enabling them to reduce the overall expenditure on resources


A unique factor of Anomalix is that its products rely on wizard-driven administrative capabilities. Companies need not hire a specialized team of developers and security specialists to comprehend Anomalix’s solution. “Our user interface allows administrators to not be specialists but more of generalists, enabling them to reduce the overall expenditure on resources,” explains the CEO. With UEBA in place, users can build workflows that give them the ability to recognize the data and the population of identities that need to be managed while creating a process for attestation and access verification.

When it comes to assisting customers, Anomalix takes a consultative approach: the team first evaluates the objectives of clients and then conducts an identity-based security risk assessment. Several organizations have benefitted from using Anomalix’s identity analytics engine that can effectively detect anomalous access related behavior and deliver real-time upshots. For the future, Anomalix intends to continue enhancing user experience for its clientele while also extending its international presence across Europe and Asia. “Adoption can happen only when we create intuitive experiences for analysts and engineers,” remarks Elkhatib as he winds up.