Scytale Releases Enterprise Identity Platform at Gartner Security & Risk Management Summit to Scale Service-to-Service Authentication

Scytale Enterprise 1.0 enables zero trust by delivering continuously attested service identity across cloud, container, and on-premise enterprise IT infrastructure.

Gartner Security & Risk Management Summit, National Harbor, Md.<June 18,2019 10 AM EST> – Scytale Inc. today released Scytale Enterprise 1.0, a SaaS platform that enables security and infrastructure engineers to standardize, scale, and accelerate service-to-service authentication across dynamic and static enterprise IT infrastructure while minimizing risk and increasing operational efficiency.

Modern enterprise applications are increasingly being built upon interconnected software services that are often managed by different lines of business. These services are deployed on platforms that often include capabilities like cloud hosting, elastic scaling, and container orchestration. The recent explosion in both the number of services and underlying platforms  creates substantial service-to-service authentication challenges.

Security products, such as network/application firewalls and API gateways, and authentication protocols such as Kerberos and oAuth, are not addressing the service-to-service authentication needs of modern enterprise applications. According to recent research by Scytale, 93% of IT executives are concerned about their service authentication credentials, while 83% agree that their technologies and processes to mutually authenticate services cannot scale as their organization adopts a more dynamic, hybrid cloud strategy. Employing continuously-attested identities for services (not humans) helps them take their early “zero trust” steps.

“Zero trust is an initial step on the roadmap to CARTA (Continuous Adaptive Risk and Trust Assessment) — a strategic framework for information security where dynamic levels of risk and trust are continuously assessed and security infrastructure is adapted to optimize the level of trust extended,” said Gartner Distinguished VP Analyst Neil McDonald in the December 10, 2018 Gartner report Zero Trust Is an Initial Step on the Roadmap to CARTA. The report goes on to say,  “CARTA expands the notion of zero trust to lean trust — just-in-time, just-enough capabilities — given the current context and risk tolerance of the enterprise, and continuously monitoring, assessing, and adapting to improve the enterprise security posture. By applying CARTA-inspired lean trust concepts to areas of excessive trust in your enterprise, starting with the network and extending to other areas, you can significantly improve your security posture in 2019 and beyond.”

Scytale Enterprise 1.0 encapsulates service-to-service authentication complexities by harmonizing identity provider (IdP)-generated service identities that span static and dynamic enterprise IT environments. This enables security and infrastructure engineers to:

  • Extend Kerberos-based IdPs to dynamic services: enable cloud and container-based services to have authenticated transactions with static services without 1) exposing Kerberos-based IdPs to the Internet, and 2) changing existing risk policies.
  • Provide scalable authentication for bursty services: protect existing IdPs from load spikes and minimize service disruptions.
  • Synchronize service identities between environments: allow services running in one dynamic environment to assume identities in other dynamic and/or static environments (and vice versa).
  • Build a foundation for a zero-trust enterprise: establish a standards-based, fine-grained service authentication layer to support zero trust between services running on trusted enterprise IT assets, including those in the cloud.

The last evolution in enterprise identity focused on humans; the current one focuses on services," said Scytale CEO Sunil James. "As the Fortune 2000 increasingly adopt dynamic computing technologies such as containers, microservices, serverless, and beyond, Scytale Enterprise will enable security and infrastructure engineers to automatically issue and broker continuously-attested cryptographic identities to any service running on any platform anywhere on the planet. Since these identities derive from centrally-defined policies, our users can also continuously assess and optimize service-to-service trust levels accordingly."

Scytale will be demonstrating Scytale Enterprise at Gartner Security & Risk Management Summit 2019 (Booth#1149).

About the Gartner Security & Risk Management Summit 2019

The Gartner Security & Risk Management Summit 2019 features programs focusing on key topics such as business continuity management, cloud security, privacy, securing the Internet of Things (IoT), and the chief information security officer (CISO) role. Gartner analysts will explain the latest information on new threats to enable digital business in a world of escalating risk.

About Scytale

Founded in 2017 by seasoned engineers from Amazon Web Services, Google, Okta, PagerDuty, and Duo Security, Scytale helps enterprise security engineering teams standardize, scale, and accelerate service authentication across cloud, container, and on-premise infrastructures. For more information, please visit https://www.scytale.io.

Resources