Bitdefender Completes Acquisition of Horangi Cyber Security


Products +

Services +

Customers +

Partners +

Resources +

Start Rightsizing Your Excessive Permissions Today with Warden IAM

In a dynamic business setup, managing a large number of privileged users with access to an ever-expanding set of identities and permissions is challenging. Managing separate IAM roles and groups for these users and resources adds yet another layer of complexity. Here's how you can enforce PoLP with ease. Read more!

What are the features being released? 

In the new IAM Security Risk section, users can immediately review the list of all excessive permission risks found in the organization.  These excessive permissions risks are defined by the unused services and permissions found in the policies for each “identity” in the last 90 days. 

Warden IAM Excessive Permissions Rightsizing

For each of these excessive permissions found, users can review not only “what-they-are” in a clearly labeled tabular format, but also “how-they-were granted” in an initiative graphical format.  

Warden IAM Graphs

After reviewing, users can then proceed to quickly rightsize the permissions with recommended steps. All users need to do is just simply copy and paste new policies or update the existing ones with the recommendation.

With the help of Warden IAM excessive permission and rightsizing feature set, adopting the Principle of Least Privilege (PoLP) can be this simple. 

PoLP in Warden IAM

If you are worried about additional impact, we’ve got that covered too. We’ve also added this additional information at the recommendation step, so that you and your team can always make an informed and confident decision on rightsizing. 

Why is this feature needed? 

Why should people care about excessive permission? 

  • Excessive permissions could lead to additional attack surface
  • It can increase your exposure to the attack
  • It makes adopting the principle of least privilege easy

Why would there be excessive permissions? 

  • With the increasing number of identities and complex ways of granting the permissions, managing the permissions becomes harder and more time-consuming
  • Often people granting the permissions do not have a security mindset nor are they cloud security-experts. They just want to get the job done (quickly) and end up granting excessive permissions without knowing it
  • Adopting the principle of least privilege is not easy, it requires the study of past usage to make a confident call. Hence, Warden IAM takes care of the examining of historical data parts automatically and provides you with suggestions that are context-rich, while users just need to simply follow through

What value does it add for our customers?

No expertise, no problem 

Our graphical view can help you gain Instant clarity on the excessive permissions and their potential impact on all the resources in your organization. 

Save time, minimize the headache

Resolving the excessive permissions does not have to be time-consuming. Just simply copy and paste the proposed policies which are recommended intelligently based on the analysis of historical data. The cherry on the cake here is that you can also easily preview the potential impact in a graphical format before the update. 

NoteExcessive permissions and rightsizing feature is currently only available for AWS customers.


We hope that this blog post will help you make the most of your Warden IAM. In case you haven’t taken Warden for a spin yet and you are having trouble answering “who has access to my crown jewels and how did they get the access?” then get in touch with a Horangi Specialist for a quick demo of Warden, a comprehensive cloud security tool with IAM, Threat Detection, and Posture Management capabilities. 

Mito Ye

Mito is a Product Manager at Horangi for Warden IAM. She is passionate about building a safer cyberspace by helping businesses adopt least-privilege principle in their identity and access management.

Subscribe to the Horangi Newsletter.

Be the first to hear about Horangi's upcoming webinars and events, up-and-coming cyber threats, new solutions, and the future of cybersecurity from our tech experts.