Scytale released Scytale Enterprise 1.0, a SaaS platform that enables security and infrastructure engineers to standardize, scale, and accelerate service-to-service authentication across dynamic and static enterprise IT infrastructure while minimizing risk and increasing operational efficiency.
Modern enterprise applications are increasingly being built upon interconnected software services that are often managed by different lines of business. These services are deployed on platforms that often include capabilities like cloud hosting, elastic scaling, and container orchestration.
The recent explosion in both the number of services and underlying platforms creates substantial service-to-service authentication challenges.
Security products, such as network/application firewalls and API gateways, and authentication protocols such as Kerberos and oAuth, are not addressing the service-to-service authentication needs of modern enterprise applications.
According to recent research by Scytale, 93% of IT executives are concerned about their service authentication credentials, while 83% agree that their technologies and processes to mutually authenticate services cannot scale as their organization adopts a more dynamic, hybrid cloud strategy. Employing continuously-attested identities for services (not humans) helps them take their early “zero trust” steps.
Scytale Enterprise 1.0 encapsulates service-to-service authentication complexities by harmonizing identity provider (IdP)-generated service identities that span static and dynamic enterprise IT environments. This enables security and infrastructure engineers to:
- Extend Kerberos-based IdPs to dynamic services: enable cloud and container-based services to have authenticated transactions with static services without 1) exposing Kerberos-based IdPs to the Internet, and 2) changing existing risk policies.
- Provide scalable authentication for bursty services: protect existing IdPs from load spikes and minimize service disruptions.
- Synchronize service identities between environments: allow services running in one dynamic environment to assume identities in other dynamic and/or static environments (and vice versa).
- Build a foundation for a zero-trust enterprise: establish a standards-based, fine-grained service authentication layer to support zero trust between services running on trusted enterprise IT assets, including those in the cloud.
“The last evolution in enterprise identity focused on humans; the current one focuses on services,” said Scytale CEO Sunil James.
“As the Fortune 2000 increasingly adopt dynamic computing technologies such as containers, microservices, serverless, and beyond, Scytale Enterprise will enable security and infrastructure engineers to automatically issue and broker continuously-attested cryptographic identities to any service running on any platform anywhere on the planet.
“Since these identities derive from centrally-defined policies, our users can also continuously assess and optimize service-to-service trust levels accordingly.”