Introducing Scytale Enterprise 1.0
In March, I wrote briefly about breathing life into SPIFFE, and I also announced Scytale Enterprise, which simplifies how cloud-based services authenticate with on-premise services by stitching together and creating a common view of an enterprise’s varying identity directories, including Active Directory. Scytale Enterprise runs in the cloud and on-premise, and can be purchased as an annual subscription.
Since then, my fellow Scyphers and I have met with ~75 security and infrastructure engineers interested in simplifying service authentication. We’ve learned the in’s and out’s of how these Fortune 2000s have long managed service-to-service authentication, and how much they want to replace their “glue code” with vendor-backed, future-proof infrastructure platforms like Scytale Enterprise … especially those built upon rock-solid OSS. Most of these engineers are just beginning to evolve their toolkit to accommodate the increasing number of distributed, dynamic applications being built by their software developers. These folks see the approaching authentication “tidal wave;” others don’t.
Today, I’m proud to announce Scytale Enterprise 1.0. This release focuses on three major capabilities: usability, stability, and scalability. Since March, we’ve been exercising Scytale Enterprise across these vectors to better understand how to simplify an enterprise’s adoption of our service identity and authentication platform. We’ve done a lot of work, including developing a completely re-vamped, web-based user interface that helps enterprise security and infrastructure engineers:
- Extend Kerberos-based identity providers (IdPs) to dynamic services: enable cloud and/or container-based services to have authenticated transactions with static services without 1) exposing Kerberos-based IdPs to the Internet, nor 2) changing existing risk policies.
- Provide scalable authentication for bursty services: protect existing IdPs from load spikes and minimize service disruptions.
- Synchronize service identities between environments: allow services running in one dynamic environment to assume identities in other dynamic and/or static environments (and vice versa).
- Build a foundation for a zero-trust enterprise: establish a standards-based, fine-grained service authentication layer to support zero-trust between services running on trusted enterprise IT assets, including those in the cloud.
As I often tell our customers and investors, the last evolution in enterprise identity focused on enabling humans to authenticate across the web; this one focuses on enabling services to authenticate across the web. As our Fortune 2000 customers increasingly adopt dynamic computing technologies such as containers, microservices, serverless, and whatever comes next, Scytale Enterprise will be there to automatically issue and broker continuously-attested cryptographic identities to any service running on any platform … anywhere on the planet. Give it a try and let us know what you think.