Shweta Sharma
Senior Writer

Entro exits stealth with context-based secrets management

News
May 17, 2023 | 4 mins
Password Managers, Security Software

Entro reveals its first SaaS product to provide a context-based, comprehensive secrets security solution.


Entro, the Israeli cybersecurity company focused on protection for secrets and programmatic access to cloud services and data, has exited stealth with its first-ever product offering context-based secrets management.

The new offering is the first and only holistic secrets security platform that detects, safeguards, and provides context for secrets stored across vaults, source code, collaboration tools, cloud environments, and SaaS platforms, Entro claimed.

“Entro implements proactive measures to secure secrets, such as real-time discovery, end-to-end visibility, monitoring, anomaly detection, and access enforcement,” said Itzik Alvas, co-founder and CEO of Entro. “With the Entro platform, security teams and CISOs can now know how many secrets they have, where are they, what they can do, who is using them, and how to keep them compliant and secure without affecting the work of R&D teams.”

The company has received $6 million in fresh seed funds in a round led by StageOne Ventures and Hyperwise Ventures.

Scanners and vaults aren’t effective enough

Companies currently rely on vaults for storage and on secrets scanners that search for leaked and exposed secrets, but these tools do not provide context about the secrets, which is key to secrets management, according to Entro.

“Entro’s main mission is to reclaim control over secrets for security teams. Other solutions such as vaults or secrets scanners are part of a reactive approach to security that doesn’t provide any monitoring of risks, owner or context over secrets, the result is many false positives,” Alvas said.

The secrets lifecycle management process can be enhanced, and associated risks can be reduced, by providing additional context surrounding the secrets, according to Jack Poller, an analyst at ESG Global. “Existing solutions are focused on either discovery (scanners) or moving hardcoded secrets into a vault. In both cases, the solutions don’t provide a full suite of secrets lifecycle management — especially universal purview, governance, and the ability to revoke and reissue exposed secrets.”

To illustrate, in the case where we have information that a specific secret has never been utilized or has not been used for a significant period, our aim would be to revoke that secret to thwart any malicious individual from exploiting it to gain access to sensitive data or cause disruptions in operations, Poller said. Similarly, we aim to promptly invalidate and replace any secrets that have been hardcoded, giving preference to code that is openly accessible, such as code stored in GitHub, he further emphasized.

Entro uses an in-house machine learning algorithm that leverages API calls and logs to provide context, spot anomalies or threats to a secret, and raise an alert on any secret misuse, abnormal behavior, or imminent risk.

Modular, SaaS offering for contextual risk management

“Entro Security is a comprehensive SaaS solution that aims to protect an organization’s secrets, such as API keys, access tokens, and programmatic access. Our platform is agentless and consists of multiple components, but our pricing model does not limit access to any of these pillars,” Alvas said.

One of the primary modules, Secret Discovery, provides secret inventory and enables security teams to understand how many secret keys they have and where they are. Entro integrates with platforms where secret keys may be stored or exposed, including Slack, Confluence, code repositories, Kubernetes secrets, CI/CD secrets, GitHub Secrets, Terraform, and several vaults.

Secrets Classification and Enrichment is another capability designed to eliminate false positives and prioritize risks. It includes ownership, usage, creation details, rotation history, associated cloud services, permissions, and user activity, empowering security teams to protect and safeguard sensitive information effectively.

Anomaly Detection and Response, another key capability, employs secrets monitoring to detect and prevent misuse, abuse, abnormal behavior, and targeted attacks related to secrets, to protect against leaks. Additionally, Entro detects misconfigurations, ensuring compliance for secrets and vaults.

Entro also enforces least privilege to minimize the attack surface and potential impact of each secret by identifying and removing excessive privileges, or recommending permission reductions as a mitigation step if removing a secret from code is challenging or time-consuming.

“Entro provides a universal purview and secrets lifecycle management through their console. Because Entro can automate and orchestrate secrets management workflows, organizations can use Entro to both increase operational efficiency and reduce risk,” Poller said.