For the past two years we have been working on something very different from the other vendors in the Privileged Access market.
Behind this effort is our belief in thinking outside the box and solving customer issues traditional approaches have not been well suited for.
Just because we are biased does not mean we are wrong
The different thing we have been working on is, of course, PrivX, our lean and multi-cloud scale Privileged Access Management solution.
We have thought all along that we are creating something cool and important but we could be accused of bias – PrivX is our creation, after all, and like everyone else, we love our own baby.
To make sure the greatness of PrivX is not just in our own heads, we have been working closely with Martin Kuppinger and the whole KuppingerCole organization (and many other analyst firms) for the past year and discussing the future of Privileged Access and Identity Management markets.
KuppingerCole's brand new Executive View Report confirms that we are on the right track. The conclusion of the report reads:
We strongly recommend taking a look at PrivX that offers a unique alternative to standard password vaulting and session management approaches.
We like the sound of that!
The password vault is dead. Long live ephemeral certificates!
We noticed time and time again in our conversations with our current and prospective customers that deployment time and end user experience were key considerations in PAM projects, yet poorly addressed by existing solutions.
Deploying something in hours is perfect, days is ok, but deployment times running into months or even years are simply not acceptable and they kill business momentum and raise costs.
Martin Kuppinger writes in the Executive view report:
PrivX focuses on setting up secure connections to servers and controlling access within these sessions, without the conventional vaulting of passwords and thereby reducing the overheads commonly associated with the password vaulting approach of existing PAM tools.
The conventions-defying method in PrivX is using ephemeral certificates that are generated on the fly and that expire automatically, once the authentication is done. There are simply no credentials to rotate or manage. There are also no agents to install on servers or clients (like with vault-based systems) which reduces the complexity of the setup immensely. Privileged users establish the secure sessions through PrivX without permanent leave-behind credentials that can be lost, misconfigured or stolen. This makes both the deployment, maintenance and user experience of unlike anything you've seen before.
Read more about how PrivX also automates manual routines, supports 1-click access for privileged users and makes access administration a cakewalk right here.
From legacy to next generation
The current crop of PAM solutions are based on requirements from another, altogether different era with different needs. Martin Kuppinger touches upon this in the report:
The PrivX tool focuses on managing access to privileged sessions and control about these sessions in a lean, scalable way that works well for today’s agile environments. In today’s IT, setting up servers in the cloud and running DevOps environments with masses of servers and containers is the norm. However, in such dynamic environments, traditional PAM approaches that are focused on managing every server and the privileged access to these servers in a rather static way, tend to fail.
A solution built to address previous generation problems simply cannot be very effective in addressing pressing challenges that include multi-cloud and hybrid environments as well as the business need to use 3rd parties and experts fro long-term or temporary projects.
The rapidly growing number of identities, increasing dynamism caused by the cloud transformation, and the changing idea of a good user experience have made the playing field very different and require a new approach; one that minimizes friction and supports the speed of business – a next-generation approach precisely like PrivX.
Best of breed or tick the legacy boxes?
PrivX may not be your cup of tea: it does not have all the bells and whistles usually associated with traditional PAM solutions. Then again, a F1 race car does not have cup holders, either.
We've started with what we have identified together with our customers and analysts as the core components of a next-generation PAM solution and made them fast, smooth, and secure.
When you select a PAM solution, you should consider your use cases and the central pain points that you want to solve. Then you might want to consider your ROI: would you like to have a slow and expensive solution with a ton of features rarely (or, more likely, never) used or rather a streamlined solution that solves the key issues and produces stellar ROI?
What about analytics?
While PrivX has very robust logging features and beautiful dashboards, it is light on analytics capabilities – on purpose.
As stated earlier, we believe in best-of-breed as opposed to tick-the-boxes. What a modern enterprise needs is seeing the big picture through a single pane of glass. The best-of-breed in this instance is called Security Information and Event Management or SIEM in short. PrivX interfaces with common SIEM systems where the dashboards and data relevant for the security organization reside and show the ultimate big picture.
And whither then...
The author and speaker Earl Nightingale famously said: "All you need is the plan, the road map, and the courage to press on to your destination."
We have those in galore. We develop PrivX in close cooperation with our partners and customers and constantly introduce new innovations and features – features that solve real problems instead of simply ticking RFP boxes.
Maybe we should have a chat?