San Jose, Calif.– May 21, 2019–
Aporeto, the leader in Identity-Powered Cloud Security, today announced the immediate availability of Cloud Privileged Access Management (PAM) for infrastructure and Identity-Aware Proxy for modern applications. These new services represent a significant expansion of the Aporeto identity-based access control cloud security platform that leverages both a patented cryptographic workload identity and user identity to manage access to infrastructure and cloud workloads.
The Aporeto platform abstracts security from the IP infrastructure to address application segmentation requirements and improves application risk posture. With centralized management and distributed enforcement, policies follow the application and remain persistent no matter where the operational environment is at any time.
Aporeto delivers a Zero Trust security solution by bringing the power of Identity to cloud infrastructure, providing single sign-on (SSO) authentication, visibility, and authorization control for heterogeneous workloads on-premises or in any public or private cloud. By leveraging capabilities already present in industry standards such as OpenSSH and OpenID Connect (OIDC), organizations can dramatically improve their security posture. Aporeto enables the exposure of the authenticated user’s identity to limit their activity and meet compliance regulations without the complexity of discovering existing or managing new SSH key pairs or managing VPN tunnels and connections. Identity, in the form of user-context information, allows Aporeto to enforce simple authorization policies, with the ability to extend authorization to propagate additional downstream resources.
“We see customers continuing to struggle with managing secure access to infrastructure, whether from privileged insiders accessing servers and cloud images, to end users who need secure access to applications or APIs,” said Jason Schmitt, CEO of Aporeto. “With the Aporeto identity-based cloud security platform, we are able to authenticate, authorize, and encrypt every interaction within your cloud infrastructure, providing just-in-time access to what’s needed, when it’s needed and only when policy explicitly allows it. Such a practical implementation of Zero Trust security is a powerful solution for controlling, managing and auditing access to modern infrastructure.”
Aporeto Cloud PAM
Aporeto Cloud PAM provides just-in-time server access with visibility and control for any server on your infrastructure:
- Elimination of SSH key management complexities
- Access controls based on the user’s authenticated identity and time-bound policies
- Just-in-time SSH access, with SSH certificates
- SSO with OIDC compliant 3rd party IDPs
- Logging of all CLI commands issued by users on your hosts auditability for compliance
- Automated triggers to maintain audit policy controls
- Compatibility with OpenSSH nodes
- Seamless integration with Aporeto’s Distributed Firewall for networkless micro-segmentation
Aporeto Identity-Aware Proxy
Aporeto Identity-Aware Proxy uses identity and context to control access to corporate web applications and APIs:
- Elimination of the need for VPNs and API gateways to manage secure access to web resources
- Enablement of OIDC compliant authentication and authorization with zero code changes, offloading strong access control from business logic
- Enforcement of granular authorization policies based on user identity, differentiating between corporate users, B2B partners, and contractors
“We are excited to work with the Aporeto team as they rapidly expand their unique approach to securing cloud applications and networks,” said David Zilberman, Managing Director of Comcast Ventures. “Aporeto is taking a unique approach to securing dynamic cloud workloads at scale and disrupting the network security incumbents that are still trying to shoehorn static, appliance-based solutions into a cloud environment where they don’t fit.”
Aporeto is the leader in Identity-Powered Cloud Security for cloud and hybrid environments that provides segmentation for applications based on cryptographic workload identity rather than IP addresses. Aporeto provides an inherent Zero Trust security solution for workloads, including microservices, containers, and serverless functions, using identity context, vulnerability data, threat monitoring, and behavior analysis to build and enforce authentication, authorization and encryption policies for applications. Aporeto protects against attacks and prevents lateral movement with application policies that are portable and persistent for end-to-end visibility and centralized management Aporeto decouples security from the underlying network infrastructure and allows enterprise organizations to consume cloud, build cloud-native applications, and improve application velocity. Learn more at www.aporeto.com.
Press inquiries to: