Cloud infrastructure entitlement management (CIEM) is the process of managing identities and privileges in cloud environments. The purpose of CIEM is to understand which access entitlements exist across cloud and multicloud environments, and then identify and mitigate risks resulting from entitlements that grant a higher level of access than they should.

With CIEM solutions, security teams can manage cloud identities, entitlements, and enforce the principle of least-privileged access to cloud infrastructure and resources. CIEM solutions help companies reduce their cloud attack surface and mitigate access risks posed by excessive permissions.