What led to the founding of Unosecur, and what specific gap in the cybersecurity market were you aiming to address?
Unosecur happened as a logical progression, I would say, after the insights and experience gained through scaling cloud consulting ventures, like Powerupcloud and Ankercloud, with public cloud providers. There was a clear and present gap in cloud security: businesses often neglect security while building software, especially when it comes to managing cloud environments. The opportunity for a simple, secure and scalable solution to protect identities and access within cloud environments was apparent, which led to Unosecur.
We aim at addressing the identity security gap in cloud environments, specifically focussing on identity management and risk mitigation. In short, the solution was born out of the realisation that “identities” are central to secure everything in the cloud. It is a critical focus point for Unosecur’s innovation.
What were some of the biggest challenges you faced while building Unosecur, and how did you overcome those? Tell us about a milestone that you are particularly proud of?
We started off to address how to detect and fix security issues related to user identities while businesses are using cloud services. These threats had to be detected in real-time, without disrupting the company’s daily operations. Another challenge was making our platform “agentless,” meaning it doesn’t require extra software to be installed, and ensuring it works smoothly with cloud services like AWS, Azure and Google Cloud, all the major SaaS apps.
Our biggest breakthrough was making Unosecur agentless, so that businesses can quickly integrate it with their cloud environments as well as on-premise systems, without the need for additional setup. This made it much easier for security teams to monitor their cloud security in just a few minutes.
Identity Fabric, a key component or enabler of our Identity Security Posture Management (ISPM), is a flexible and integrated framework for managing digital identities across diverse platforms and systems, particularly while handling Non-Human Identities (NHI). Security analysts have started using that acronym lately, and we have been managing NHIs before those become NHIs!
A milestone we’re especially proud of is our ability to detect identity-based threats in real time. This feature helps businesses spot and fix security risks instantly, which was something the industry really needed.
The biggest challenge, however, lies in democratising security by addressing the skill gap. Say, you are an expert in AWS cloud service management and a sudden crisis demands you to address three other verticals that you are not familiar with. We step in to address that gap and make threat aversion or mitigation easy.
In any tech-heavy business, including ours, there is always a friction between engineering and security. While engineering is about the pace of execution, security is about moderating the speed so that checks and balances are done properly. We tailor our solutions with the basic understanding of making these two work in tandem.
How does Unosecur ensure it meets the unique cybersecurity needs of businesses across various industries, like healthcare, or FinTech?
Interesting that you mentioned healthcare and fintech! Health and finance are two sectors that come with relatively stricter data security and compliance requirements. I should mention banking and finance in particular, because there are legal mandates that set cloud migration limits, which means on-premise data systems also need to be monitored. Regulators across jurisdictions have been pushing for Zero Trust systems for the sector.
Unosecur’s agentless platform is designed to be flexible and adaptable. By continuously monitoring cloud services across all accounts (AWS, Azure, Google Cloud), Unosecur helps organisations secure their data, users and access in real time.
The platform identifies and remediates identity-based threats, an essential capability in industries where data privacy and access control are paramount. It helps mitigate risks like over-privileged accounts, orphaned accounts and unauthorised access — key concerns for sectors such as healthcare and FinTech. It also employs User and Entity Behaviour Analytics (UEBA) in risk analysis. Simply put, it helps to spot unusual behaviour in your network, like when users or devices do things they don’t usually do. This helps catch security risks before they turn into bigger problems, such as data breaches or fraud.
By automating risk detection and integrating no-code workflows, it enables seamless collaboration between business and security teams, minimises credential theft, privilege escalation and lateral movement, thereby reducing manual intervention and speeding up threat mitigation.
This identity-focussed approach prevents breaches by proactively identifying risks before they can escalate. The impact of this is significant, as it helps businesses mitigate cloud permission gaps, avoid unauthorised actions and ensure continuous protection for their cloud assets.
Unosecur has gained recognition for its identity-based threat detection. Can you elaborate on how this technology works and the impact it has on preventing breaches?
Unosecur’s identity-based threat detection focusses on keeping track of who is accessing cloud resources and what they’re doing, to spot any unusual or unauthorised activity. It works by constantly monitoring things like who’s logging in, what they’re accessing, where they’re accessing it from, and when. If, for example, a user with basic permissions suddenly tries to access sensitive data, Unosecur quickly flags it as suspicious.
The technology works by continuously assessing who, what, when, where, how, and why cloud resources are being accessed, identifying any discrepancies in user permissions or activity patterns that indicate a potential threat. For example, if an account with limited access rights suddenly attempts to access highly sensitive data or perform a high-risk operation, Unosecur flags it as a potential breach.
To make the alerts even more accurate, Unosecur uses geofencing (checking if the user is in a typical location) and time boundaries (monitoring if the activity happens during usual working hours). This helps reduce false alerts and alert fatigue, making sure security teams focus only on real threats.
What’s next for Unosecur? Are there any exciting features or partnerships in the pipeline that you can share with us?
Unosecur is constantly evolving to address the ever-changing landscape of cloud security. In the coming months, it is focussing on further enhancing its real-time risk detection capabilities, integrating with more cloud service providers and expanding its machine learning-driven security analytics.
The company is currently exploring strategic partnerships with other cybersecurity and cloud infrastructure providers to expand its reach and capabilities. Cybersecurity is never a one-man show. Good partnerships make identity-based threat detection even more seamless and powerful for businesses across various industries.
The company is also looking at new product features, such as integrated Artificial Intelligence (AI)-driven access control policies and advanced compliance reporting tools, which will provide businesses with a comprehensive solution for managing and securing cloud identities at scale.
Soon, we will be launching Uno-copilots, our very own AI agent for security teams. Another exciting addition is the Uno-board, which gives you a resource-based perspective of IAMs. Simply put, the end-user client can see on a dashboard who is accessing what data from where, and can control, redirect, or simply block it by moving a cursor across the board!
editor@thefoundermedia.com
