Sysdig Cloud Infrastructure Entitlement Management (CIEM) is a cloud identity and access management solution that analyzes cloud audit logs to identify excessive permissions and compromised identities. The product correlates executed commands with users, roles, and policies to build profiles of permission usage across cloud environments. The solution addresses the problem of unused cloud permissions by analyzing access patterns and generating least-privilege policy recommendations. It tracks IAM risks including inactive permissions, inactive users, and high-risk policies, providing visibility into exact permission usage and last active dates. Cloud Identity Insights functionality analyzes identity activity patterns to detect early indicators of privilege escalation and account compromise. The system prioritizes high-risk users and roles based on runtime insights and additional risk factors such as missing multi-factor authentication or excessive administrative privileges. The platform automatically maps IAM violations with identity findings and provides suggested least-privilege versions of existing policies. It enables practitioners to drill into specific users or roles to examine permission usage details and receive actionable remediation guidance. Sysdig CIEM integrates identity and access management compliance into security workflows, helping organizations maintain compliance in complex cloud environments.