Entro Security

Reviews from AWS customer

1 AWS review
  • 5 star: 0
  • 4 star: 1
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0

External reviews

3 reviews

External reviews are not included in the AWS star rating for the product.


4-star reviews

    MHY

We get improved visibility and excellent support but require better detection of custom data

  • February 21, 2025
  • Review from a verified AWS customer

What is our primary use case?

We mainly use the solution to scan five platforms: Confluence, Jira, SharePoint, Slack, and GitLab. We use it to detect developers posting secrets in plaintext.

When developers post credentials in plain text in their code or documents, it creates an attack surface that can impact our organization. If we are being breached, that makes it very easy to find passwords, and once they have a password, they can take strong actions. We do not want random people to be able to take such strong actions when they are not allowed to or should not do it. Entro Security is basically helping us detect violations by developers, and we then force them to delete the stored credentials.

How has it helped my organization?

Reduction in the attack surface is the main benefit. We have not worked with it much yet, but so far, it has been good. It can be improved a bit more in the future, but so far, we have just scratched the surface with Entro Security.

Entro Security has helped develop a better culture among developers. They are willing and starting to use something called Vault to store credentials, and they even do it without us telling them. In the past, they used to post everything in cleartext, whereas now, they are voluntarily migrating the information to Vault. I am pretty sure it is because Entro Security is also annoying them. Every time there is a finding, we ping them via Slack. The ping comes from Entro itself. They do not want to be bothered by messages. They do not want to be seen as a bad employee, so they are using it on their own.

It is not hard for us to establish behavioral baselines for non-human identities (NHI) in Entro Security.

It is important that Entro Security’s detection and mitigation of NHI threats is done in real-time. It is becoming a worldwide issue, not only in our company. So many companies are trying to solve this issue where developers are posting credentials in plain text. It is of very high priority. It is not critical, but it is highly important.

Entro Security has improved visibility, revealing the extent of our credential issues, where strong credentials like admin accounts were found in plaintext in numerous projects. We have more visibility and control. We got to know that the issue was much bigger than we thought. We thought that only one out of ten projects would have some kind of password, but we found more than five to seven projects having plain text credentials. The credentials stored were of strong accounts. They had put admin account information in plain text. We did not think it would be this severe. We thought that, at worst, they would be some maintainer credentials, but they were using full admin credentials in their code and had put them just in plain text.

Entro Security has helped improve our organization’s security posture.

Entro Security has decreased our exposure to risk. It reduces exposure from the inside, not from the outside.

What is most valuable?

They are very helpful and responsive. They acknowledge issues, take feedback seriously, and implement features based on user requests.

The product provides valuable features such as revalidation, which is helpful for the full automation of our process without the need for human interaction. If a secret is deleted, it conducts a revalidation to ensure deletion.

What needs improvement?

The detection of generic content or custom data specific to our company needs improvement. It has trouble detecting unique patterns of secrets.

In terms of new features, they already gave us the ability to decrypt the password so that we can send it to be revalidated. The only feature pending from their side is for sending alerts to a webhook instead of Slack. We gave them this request only a week ago.

For how long have I used the solution?

We have been using the solution for at least one year. I have personally been working with Entro Security for a few months. Prior to that, someone else was working on Entro Security. I have not had enough time to explore everything.

What do I think about the stability of the solution?

I find the solution to be very stable.

What do I think about the scalability of the solution?

I believe the solution is scalable.

It is being used across the whole company. We have about 8,000 to 10,000 users.

How are customer service and support?

The customer service is very good, as the team is familiar with the tool and helps solve issues quickly. They implement requested features and fix issues promptly.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We used a free open-source one before, which was not effective. We did not have any NHI solution prior to this.

How was the initial setup?

We use the cloud and on-premise versions.

The initial setup was not hard. The cloud one is easier. The on-prem is a bit more complicated, but there are no major issues with that because they also provide support for deployment.

In terms of implementation strategy, they provided some guidelines, but from our side, we knew which sources had the most risk and most credentials. We implemented it there first. We focused on high-risk sources first and gradually expanded.

What about the implementation team?

The deployment was done in-house with assistance from the vendor. They helped us with the deployment, but most of the strategy was ours. Two people were involved in the deployment.

In terms of maintenance, sometimes we need to update versions. We have two people involved in its maintenance.

What was our ROI?

I cannot quantify the cost savings, but there is a return on investment through time savings, automation support, reduced workload, and improved security practices.

Which other solutions did I evaluate?

I am not aware of other solutions that were evaluated before choosing this one.

What other advice do I have?

I would advise trying to automate as much as possible. I would recommend this tool to others because their support is excellent.

I would rate Entro Security a seven out of ten.

