Banyan’s Continuous Authorization Can Grant or Revoke Access to Sensitive Engineering Environments and Applications in Real-time Based on TrustScore
SAN FRANCISCO—Oct. 20, 2020—Banyan Security today announced that its Zero Trust Remote Access Platform now includes features specifically designed to help engineers and software developers access the critical engineering resources and environments they need while providing a uniform security posture across the entire corporate organization without the burden of a VPN. Banyan’s platform provides simple and secure access to key developer resources such as the Kubernetes API server, development environments, Linux and Windows servers, web applications, IaaS, and SaaS resources based on the sensitivity of the application and the data, as well as the user, device type, and security posture. Banyan’s real-time, continuous authorization provides the ability to revoke access mid-session based on the Banyan TrustScore which continuously reflects the user’s security posture, accounting for user privilege changes, or their devices being compromised.
“Engineers access the company’s crown jewels on a regular basis, and that makes them a prime target for hackers,” said Jayanth Gummaraju, co-founder and CEO of Banyan Security. “In a single day engineers or contractors with different privileges might have to access everything from internal servers to AWS or Azure to Kubernetes to GitHub. It’s an incredibly complex security problem to manage access for multiple personas to each resource and it requires a much more nuanced solution than VPNs to keep them safe.”
Engineering departments including software developers, DevOps, and customer success engineers need access to test, staging, and production environments, as well as access to remote servers and databases. Companies have to provide fast and differentiated access to each user based on which resource they’re accessing, their level of privilege, and the device they’re using to access. These resources often include sensitive data such as PII, security keys, and source code, as well as provide critical infrastructure for the company. Known VPN vulnerabilities along with a poor user experience have created a need for alternate methods of access to these valuable resources.
Colin Rand, Banyan Security VP of engineering explains, “The type of access each team needs is quite different. Perhaps your SRE needs access to production environments to see why a load balancer is misbehaving, but does the on-call developer supporting them need access? The DevOps team wants access to the build and development tools, such as the git and build servers, plus cloud environments, but should they have full access to production? Each access decision requires discussion and design. What was previously one size fits all now works for none.” For more detail see Rand’s recent blog post, “Secure Remote Access – An Engineer’s Pain.”
Banyan shifts the model for remote access by assigning a TrustScore to each request that grants and monitors access based on trusted users, devices, and privilege, and then continuously reevaluates that trust throughout the duration of the access. This continuous authorization allows the platform to constantly verify privilege and trust across multiple parameters. Banyan leverages a company’s existing security investments in identity and access management (IAM), mobile device management (MDM), endpoint detection and response (EDR), or user behavior analytics (UEBA) to create and maintain user and device trust score. If any of those services report a compromise or detect a vulnerability, Banyan re-assesses the TrustScore and can revoke access to a session immediately, minimizing risk.
Banyan is the only end-to-end zero-trust platform that supports all applications, services, and developer infrastructures, including on-prem, cloud, and hybrid architectures. The Banyan Zero Trust Remote Access platform provides seamless developer access with full support for server and service access with policy control at the API level and control points that are fully controllable within the datacenter. Prior to Banyan, secure access to these resources has been limited to large engineering organizations with dedicated teams. Banyan makes these security capabilities available to developers everywhere.
Banyan’s Zero Trust Remote Access Platform includes features designed specifically for remote access to engineering-related resources, including secure access to services including the Kubernetes API server and database access, as well as advanced web app access for applications hosted on-prem, in public clouds like AWS or Azure, or SaaS applications. Banyan also includes secure server SSH and RDP access for third-party privileged access to servers storing and managing data via SSH and RDP.
Banyan Zero Trust Remote Access platform with advanced engineering features is available now. For more information on Banyan Security, visit www.banyansecurity.io.
About Banyan Security
Banyan Security’s next-generation secure remote access platform provides seamless and productive access to all hybrid and multi-cloud apps and resources while ensuring dynamic, real-time protection, using an application-centric approach that eliminates the reliance on network-based controls. The Banyan platform is based on zero-trust principles and the implementation strategies of BeyondCorp to shift access controls away from untrusted networks, allowing customers to own and control their own data in their own environments. Banyan’s highly scalable platform is currently used by enterprises across verticals, including finance, healthcare, manufacturing, and technology. To learn more, visit www.banyansecurity.io.
###
Media Contact:
Chris Fucanan
AquaLab PR for Banyan
chris@aqualabpr.com
916-684-9781