wonderfully unique software solutions

ThycoticCentrify boosts Secret Server privileged access

Privileged access management (PAM) vendor ThycoticCentrify has unveiled enhanced security, automation and design in its award-winning Secret Server cloud identity manager.

According to Brad Shewmake, writing for ThycoticCentrify, this version of Secret Server enables rotation of the master encryption keys used and offers a “streamlined” connection process for jump boxes that protect access to critical resources.

“Rotating individual secrets housed within the digital vault provides an additional layer of protection to block external actors,” Shewmake said.

“[And] rather than taking time to inject unique credentials at every connection point, users can now use a single key to navigate an entire route from launch, to jump box, to destination, within a single session.”

Shewmake said that checkout enhancements mean only one privileged user at a time is permitted to use a secret. Secrets for API connections are automatically checked in post-expiration. This should ease auditing and compliance.

“When secrets aren’t checked back in to Secret Server after use, critical maintenance operations can’t be performed and productivity slows,” he said.

“Additionally, users now have more visibility into remaining time on a secret checkout and can extend the checkout if required.”

Other changes have been made to the Secret Server interface, logging, and reporting, with a view to improving usability and accessibility via keyboard navigation and screen reader hints, Shewmake said.

ThycoticCentrify states its focus as about decreasing the number of steps to safeguard secrets, reducing the attack surface area, and administrative workloads.

“According to the Verizon 2021 Data Breach Investigations Report, credentials are the primary means by which bad actors hack into an organisation, with 61% of breaches attributed to compromised credentials,” added Shewmake.

ThycoticCentrify is holding a webinar on 19 January on how privileged accounts are hacked – click the link to sign up or learn more.

( Photo by Sammy Williams on Unsplash )

Recent Articles

Usecure builds security awareness focus, adds platform functionalities

MSP-focused security vendor Usecure is continuing to expand the capabilities of its human risk management focused software for partners.

Phishing attacks still plague common file types, Hornetsecurity warns

Phishing via archive, HTML, Excel or PDF files remain the leading email-based cyber attack on organisations, according to cybersecurity specialists at Hornetsecurity.

How TechSmith video-based learning can boost diversity and inclusion

When Hillsborough Community College in the USA wanted to create a remote-learning platform to assist students who use sign language, it turned...

Opswat uprates security for AWS partners in the cloud

Operations tech (OT) and industrial cybersecurity vendor Opswat, maker of MetaDefender, has been expanding and deepening its relationships with Amazon Web Services...

TeamViewer and Siemens to collaborate on augmented, mixed reality

TeamViewer is teaming up with Siemens on augmented and mixed reality (AR/MR) for the product lifecycle management space. The...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox