Posts by David McNeely

David McNeely is VP of Product Strategy at Centrify Corporation.


Centrify Perspective

3 for 3! Centrify a Leader in 2019 KuppingerCole Leadership Compass for PAM

By , April 23, 2019

KuppingerCole recently published its 2019 KuppingerCole Leadership Compass for Privileged Access Management (PAM), again recognizing Centrify as a Leader as it did in the previous iteration in June 2017. This marks the third major PAM Market research report in the past 6 months where Centrify was recognized as a Leader, following the same recognition in The Forrester Wave: Privileged Identity Management (PIM), Q4 2018 and the Gartner Magic Quadrant for Privileged Access Management, Q4 2018. We’re honored to go “3 for 3,” and believe this is a strong validation of Centrify’s Zero Trust Privilege approach. A complimentary version of this report…

Centrify Perspective

Introducing Centrify Identity Services for HashiCorp Vault

By , April 17, 2018

Today, Centrify is proud to announce the integration of the Centrify Identity Service with HashiCorp Vault for role-based user authentication and access to the Vault. The Centrify Next-Gen Access Management platform now provides an additional Auth Method called “centrify” for HashiCorp Vault. This Auth Method allows you to authenticate users to HashiCorp Vault, leverage any connected directory source for authentication, and enable role-based authorizations to Vault resources using Centrify Roles. Figure 1: HashiCorp Vault integration with Centrify Identity Services INTEGRATION, AUTHENTICATION, ACCESS There are several benefits to using Centrify for user authentication to HashiCorp Vault: Centrify brokers authentication to any…

From the Cloud

Centrify Identity Services: Securing Docker and Containers

By , January 15, 2018

Introduction We are excited to announce that Centrify now supports CoreOS Container Optimized Linux which several of our customers are using as part of their adoption of containerization for their application deployments. But first, let’s start with an overview of how Centrify can help you protect access to these containerized platforms and the applications that run on them. As organizations embrace hybrid cloud environments moving their applications and other workloads to public clouds such as AWS, Azure and Google, application developers building custom apps inevitably rework their applications to take advantage of the hosting platform capabilities such as auto-scaling enabling…

It's All About Identity

Changing the Game: Simplified Authentication to IaaS

By , December 1, 2016

I am pleased to introduce the Identity Broker capability of the Centrify Privilege Service. Identity Broker for Linux enables a new paradigm in user authentication to Linux systems, which seamlessly integrates your choice of directory service, including Active Directory, LDAP directories or cloud directories such as Google G Suite Directory. This is a significant advancement in Centrify’s identity consolidation capabilities and delivers freedom of choice when deciding where to store your identities. For 12+ years, Centrify has focused on delivering some of the best possible integration of Linux servers into Active Directory. Our customers are successfully securing identity, authentication and privilege across…

Centrify Perspective

Top 3 Takeaways from Black Hat 2016

By , August 16, 2016

While I’ve been working in identity and access management (IAM) space since the early 1990s, this was the first year that I attended Black Hat, and it is the first year that Centrify has sponsored the event with a booth.  In preparation for it, we heard from many who had attended in the past about potential cyberattacks at the event. As a result, we made sure that everyone attending was prepared and knew what to expect based on previous reports from Black Hat events that we found including: Not Your Average Top 5 Things To Know Before Blackhat Rule 31 Black Hat…

From the Cloud

Smart Card Login to Cloud-Based Apps and Privileged Identity Management Services

By , December 18, 2015

I am excited to announce that Centrify has added Smart Card login as a core feature of our Cloud Identity Platform supporting both the Centrify Identity Service as well as the Centrify Privilege Service. Smart Cards in physical form (CAC/PIV), derived credentials, virtual smart cards as well as USB PKI Keys (such as Yubikey or SafeNet eToken Pro) can now be used to login to your agency’s personalized Centrify cloud portal for access to SaaS applications as well as privileged user access to authorized servers and networking devices. There are several reasons that our customers are asking for this capability as they…

It's All About Identity

Secure Windows Administration and Eliminate Dual Active Directory Accounts for Administrators

By , March 17, 2015

I’ve seen many environments lately where the Windows administrators have two Active Directory accounts, one that they use for their normal end user activities, such as reading email, and the other they use for any administrative duty. This creates several very real problems: a) the admin now has two different accounts with a password that he must now maintain over time, probably not a huge problem but just a pain for the admin; b) you still have to trust the admin where he will use the second admin account and hope that he doesn’t use it for normal daily activity…

It's All About Identity

Secure Identity for Hadoop @ Strata+Hadoop World 2015

By , February 24, 2015

The most interesting thing to me about Strata+Hadoop World was the stories about what everyone is doing with Hadoop or Big Data. We heard numerous stories about how data scientists are using Hadoop to analyze customer data, financial data, web site click traffic, etc. In fact, most of the people who came to the show were realizing the value of Hadoop technology, while very few were responsible for the IT infrastructure that it runs on (who we normally sell security solutions to). And the most common title at the show was Data Scientist, which got me thinking that we should have a Security…

Centrify Perspective

Mitigating Vulnerabilities Related to Unmanaged SSH Keys with Kerberos

By , October 15, 2014

SSH has become the defacto method to access UNIX and Linux computers over the network for several different use cases – from shell access or file transfers, to batch jobs that need to communicate with other computer or apps, to name a few. As with any remote access solution to a system that contains corporate data, centralized authentication and access controls are critical to ensure that only the right users can access that resource in line with the business needs. However the challenge is that SSH Server that is typically configured for remote access on nearly all UNIX and Linux systems…