Scytale Enterprise, industry-first service identity platform, allows you to easily and securely extend Kerberos-based authentication infrastructure to the cloud. The solution securely issues short-lived credentials from on-premises identity providers (IdPs) such as Active Directory to cloud and container-based services. It also enables cloud services to access on-premise services without exposing IdPs to the public internet or breaking or changing existing risk policies.
Scytale Enterprise achieves the above through two core capabilities:
Scytale Enterprise orchestrates a zero-trust attestation process that can lean on a configurable union of trusted third parties to provide a strongly attested identity, based on SPIFFE open standard (backed by the Cloud Native Computing Foundation), for cloud (and optionally, on-premises) services. Service identity is thus conferred by a detailed set of identifying attributes of the service in question, rather than by the presence of a service ticket or an IP address. Scytale Enterprise thus provides a highly trusted identity in dynamic environments and avoids the pitfalls of conventional secrets management.
Having established the multi-factor identity a service, it is then necessary to be able to deliver to it a scoped, short-lived Kerberos ticket. Scytale Enterprise includes an identity brokering capability in which a SPIFFE-identified service may obtain a short-lived Kerberos service ticket from an identity provider. Theseshort-lived credentials are then delivered directly to the service via a channel secured by the multi-factor authentication process described above.
Strengthen your security posture and protect your existing investments
Boost staff and developer productivity
Speed cloud and container adoption
Reduce time to market from weeks to minutes