Term · 27. Emerging Categories 2024-2026
Cloud Infrastructure Entitlement Management CIEM
Definition
Discovery, analysis, and remediation of permissions held by identities (human + non-human) across cloud infrastructure platforms (AWS, Azure, GCP). Coined by Gartner in 2020 to address cloud permission sprawl — typical enterprises grant 10× more permissions than identities use. CIEM tools continuously map effective permissions (what a principal can actually do once every attached policy is evaluated), detect toxic combinations (sets of permissions that together form a privilege escalation path), and right-size grants toward least privilege by removing what is never exercised.
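The right-sizing step in miniature, as an added example that is not part of the original entry or of any vendor's product: a constructed over-broad AWS-style IAM policy is compared with a constructed set of actions actually observed in use, wildcard grants are expanded against that usage, and the unused and over-broad grants are reported alongside a minimal policy. Deny statements, NotAction, resource scoping and conditions are assumed out of scope.

```python
"""Toy CIEM right-sizing check: granted IAM actions versus observed use."""
import fnmatch

# Constructed sample policy showing typical permission sprawl (not real data).
GRANTED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:*"], "Resource": "*"},
        {"Effect": "Allow",
         "Action": ["dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:DeleteTable"],
         "Resource": "*"},
    ],
}

# Constructed usage record for the review window (e.g. derived from API audit logs).
OBSERVED_ACTIONS = {"s3:GetObject", "s3:PutObject", "dynamodb:GetItem"}


def granted_patterns(policy):
    """Collect every Allow action pattern, keeping wildcards as written."""
    patterns = set()
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":  # Deny handling is out of scope here
            continue
        actions = stmt["Action"]
        patterns.update([actions] if isinstance(actions, str) else actions)
    return patterns


def covers(pattern, action):
    """IAM action matching is case-insensitive and uses '*' / '?' wildcards."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def right_size(policy, observed):
    """Classify grants as used, unused or over-broad and build a minimal policy."""
    patterns = granted_patterns(policy)
    used = {p for p in patterns if any(covers(p, a) for a in observed)}
    # A wildcard that is exercised still grants far more than the observed use.
    over_broad = {p for p in used if "*" in p or "?" in p}
    # Observed actions no grant explains point at a second policy or a data gap.
    uncovered = {a for a in observed if not any(covers(p, a) for p in patterns)}
    minimal = {"Version": policy["Version"], "Statement": [
        {"Effect": "Allow", "Action": sorted(observed), "Resource": "*"}]}
    return {"used_patterns": used, "unused_patterns": patterns - used,
            "over_broad_patterns": over_broad, "uncovered_actions": uncovered,
            "least_privilege_policy": minimal}


if __name__ == "__main__":
    for key, value in right_size(GRANTED_POLICY, OBSERVED_ACTIONS).items():
        print(f"{key}: {value}")
```

The minimal policy still carries `Resource: "*"`; real right-sizing narrows resources and conditions too, which a usage record of action names alone cannot support.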
Synonyms
- Cloud entitlement management (legacy)
Application
- Regulatory: Gartner Magic Quadrant / Hype Cycle · NIST SP 800-63 (Digital Identity Guidelines)
Standards & regulations
- Gartner
- NIST
Sources
Related terms
- Cloud Data Access Governance: Discovery, classification, and access control for sensitive data across cloud data stores (S3, Snowflake, BigQuery, Data …
- Continuous Adaptive Trust: Authentication and authorization paradigm where trust is recomputed continuously throughout a session based on real-time …
- Ephemeral Identity: Workload or AI agent identity with very short lifetime — created on-demand for a specific task or session, destroyed whe …
- Non-Human Identity (NHI): Identities for service accounts, API keys, OAuth client secrets, machine certificates, workload identities (AWS IAM role …
- Access Control (AC): Mechanism that determines whether a principal is permitted to perform a specific action on a specific resource. Includes …
- Access Management (AM): Discipline of granting and enforcing access to resources after identity has been established. Encompasses authentication …