Gartner also estimates that Cloud Security Posture Management, OpenID Connect and SaaS-Delivered IAM are two to five years away from mainstream adoption and will also deliver a high level of benefit. The seven technologies include Cloud Access Security Brokers, Cloud Security Assessments, Cloud Service Brokerage, Cloud-Testing Tools and Services, Document-Centric Identity Proofing, Enterprise Digital Rights Management OAuth 2.0. Gartner predicts seven of the 33 key technologies in the Hype Cycle are just two years away from mainstream adoption and will deliver a high level of benefit.Vendors active in this area include Adaptive Shield, AppOmni, Cloudneeti and Obsidian Security. At the same time, SaaS cybersecurity vendors realize the need to provide an enterprise-wide SaaS platform capable of scaling across all applications. Gartner notes that client interest in SSPM continues to increase. Optional capabilities include comparison against industry frameworks and automatic adjustment and reconfiguration. Core capabilities include reporting native SaaS security settings' configuration and offering suggestions for improved configuration to reduce risk.
![2020 gartner hype cycle 2020 gartner hype cycle](https://miro.medium.com/max/1200/0*33attjubQ3xiv_Ym.png)
Gartner defines SaaS SSPM as tools that continuously assess the security risk and manage SaaS applications' security posture. SaaS Security Posture Management (SSPM) is the second category added to the Gartner Hype Cycle for Cloud Security for the first time this year.Active vendors in this area include Authomize, Britive, CloudKnox Security, Ermetic, Obsidian Security, Polyrize, SailPoint, Saviynt and Sonraí Security. Gartner predicts CIEM will continue to offer significant advantages over proprietary Cloud Infrastructure and Platform Services (CIPS) embedded technologies for governance of identity entitlements.
![2020 gartner hype cycle 2020 gartner hype cycle](https://vantiq.com/wp-content/uploads/2021/01/Hyper-Cycle-2020-Mac-V2.png)
CIEM relies on a least-privilege approach to governance and compliance. An example of this would be the accumulation of privileges that are dormant or not used over time. CIEMs often rely on analytics, machine learning (ML) and advanced statistical techniques to detect anomalies in account entitlements.
![2020 gartner hype cycle 2020 gartner hype cycle](https://cmte.ieee.org/futuredirections/wp-content/uploads/sites/44/2020/09/hype-cycle-for-emerging-technologies-2020-660x330.png)
Gartner defines Cloud Infrastructure Entitlement Management (CIEM) as specialized identity-centric SaaS solutions focused on managing cloud access risk via administration-time controls for managing entitlements and data governance in hybrid and multicloud IaaS architectures.