Introducing Centrify Identity Services for HashiCorp Vault

Today, Centrify is proud to announce the integration of the Centrify Identity Service with HashiCorp Vault for role-based user authentication and access to the Vault. The Centrify Next-Gen Access Management platform now provides an additional Auth Method called “centrify” for HashiCorp Vault. This Auth Method allows you to authenticate users to HashiCorp Vault, leverage any connected directory source for authentication, and enable role-based authorizations to Vault resources using Centrify Roles. Figure 1: HashiCorp Vault integration with Centrify Identity Services INTEGRATION, AUTHENTICATION, ACCESS There are several benefits to using Centrify for user authentication to HashiCorp Vault: Centrify brokers authentication to any…

Secure the Vote with Zero Trust

Our democracy is under attack. We are in an era where digital assets are being weaponized and used against us. The fragile state of our democracy is highlighted by election meddling by foreign interests, database breaches of both political parties, and most recently a high-profile breach of trust. And now, just a week ago, a “60 Minutes” episode titled, ‘When Russian Hackers Targeted the U.S. Election Infrastructure,’ validated that the main target of the 2016 U.S. election was election boards, and that up to 90,000 voter records were compromised. Election boards and officials face the biggest battle yet when it…

Trends to look for next week at RSA Conference 2018

Next week (April 16-19) is the 2018 RSA Conference at the Moscone Center in San Francisco, and there’s good news: it’s not too late to register for a complimentary Exhibit Hall Only Pass using the Centrify entry code X8ECENTR. You’ll get free admission to the Exhibit Hall, Wednesday through Friday keynotes, select sessions throughout the week, and several other events you can learn about here. If you’re on the fence about whether or not to attend, here’s a preview of the topics we expect to generate the most RSA buzz. If any of these interest you, register, and be sure…

Centrify Zero Trust Security Partners in the Spotlight at RSA Booth 501

RSA Conference has moved back to April this year, and next week the largest cybersecurity trade show in the world will once again convene at Moscone Center in San Francisco. Centrify will be front and center this year – literally. Our booth #501 is right in the middle of the entrance to the South Hall. You can’t (and won’t want to) miss it. In case you didn’t catch it the first time, Michele Hayes wrote a great blog about everything going on at our booth next week. I highly suggest reading that once you’re done here. PARTNERS IN THE SPOTLIGHT…

Why the Path Towards Zero Trust Starts with Next-Gen Access

Zero Trust Security has gained a lot of popularity over the last six months. Almost daily you can read articles about this security strategy (e.g., TechRepublic, CSO, Security Current). Both analysts (e.g., Forrester) and security professionals acknowledge the benefits it offers in the context of establishing effective ways to minimize the risk of falling victim to a cyber-attack. The reason why so many embrace Zero Trust Security is most likely anchored around its simplicity ― with today’s porous network perimeter, untrusted actors already exist both inside and outside the network. However, when it comes to developing the necessary blueprint on…

Six Reasons to Experience Zero Trust Security in Centrify Booth 501 at RSA

In case you hadn’t heard, the 2018 RSA Conference will be held April 16-19 at the Moscone Center in San Francisco. If you haven’t been, this is the security event of the season and the best opportunity you’ll find to network with 50,000 other security professionals — exchanging ideas, learning the latest trends and finding solutions that empower you to stay ahead of rapidly-evolving and increasingly-costly cyber threats. Centrify will be there, offering demos and explaining why Zero Trust is the future of cybersecurity, and we’d like you to be our guest. Below are the event details and six reasons…

Making Headlines: SAML

On February 27, 2018 the CERT Division of Carnegie Mellon University’s Software Engineering Institute issued advisory #475445, outlining a design flaw in Security Assertion Markup Language (SAML) implementations, which affects various Single Sign-On (SSO) software and several open source libraries meant to support SAML-based SSO operations. Centrify customers are not susceptible to this vulnerability nor any Service Provider Applications that leverage the Centrify SDK (for more details, click here). The disclosed vulnerability drew a lot of media attention, generating coverage by tech publishers like ZDNet, eWeek, and TechTarget. Some of you might ask why there has been so much hype…

Centrify for NIST 800-171 MFA Compliance

I often speak with Federal System Integrators (FSIs) who need to implement Multi-Factor Authentication (MFA) as part of their NIST 800-171 compliance. Specifically section 3.5.3 of this NIST guide states, “Use multifactor authentication for local and network access to privileged accounts and for network access to non-privileged accounts.” Many of these FSIs have already implemented smart cards in their environment, at least partially, while others have no form of MFA at all. Either way, the Centrify Identity Platform can provide this MFA compliance, along with many other features required for a secure, Zero Trust environment. (Centrify’s detailed compliance note on…

SEC Clarification: Companies Must Disclose Breaches

In late February, the U.S. Security and Exchange Commission (SEC) issued new cybersecurity guidance in the form of an “interpretive release.” According to the SEC website, the Commission frequently provides guidance on federal securities laws and SEC regulations for business and investment communities. The release covered three main topics: Disclosure of cybersecurity risks and incidents Companies have been largely remiss in alerting the public to breaches that may directly impact them. Equifax took five months to reveal that the data of 145 million people had been compromised. Yahoo took years to disclose that every one of its user accounts had…

Frost & Sullivan Recognizes Centrify for IDaaS and PIM Leadership

Today Frost & Sullivan, a leading analyst firm and growth partnership company, announced that Centrify has earned the North American Product Leadership Award for its Next-Gen Access Solution for Zero Trust Security. The report specifically noted Centrify’s success as a security company comes by challenging traditional approaches to security and using a unique philosophy to address the problem. Centrify helps its customers identify and follow a set of best practices that are grounded in Zero Trust Security—through verifying all users, validating their devices, and limiting access and privilege—to reduce risks related to breaches. The author of the report, Sankara Narayanan,…