API is Ideal for DevOps Use Cases
The PowerBroker Password Safe API is available to BeyondTrust Technology Alliance Program partners. Become a partner by registering here.This offering is designed to provide better security for all applications that require a user or application to enter static credentials for normal operations. Instead, developers can call the PowerBroker Password Safe API and retrieve the latest credentials for the user, application, infrastructure, cloud solution, or database to authenticate and release the credentials upon termination of the session. This can trigger automatic randomized cycling of the password or other automated processes to meet business objectives. The end user is never exposed to the username or password and all authentication is performed silently behind the scenes with complete activity auditing if desired. Management of the credentials, API, and assets is all provided from within BeyondInsight, PowerBroker’s centralized management, reporting, and analytics console. If you are a commercial application developer, or create custom applications for your business, consider how beneficial it would be to the end user, or other applications, to never require the entry of a username and password for connectivity. End users, like database administrators, never need administrator rights to access a database if the tools retrieve stored credentials automatically. Management tools for services, remote access, and infrastructure automatically recognize the logged on user, the asset they are on, and seamlessly request and pass credentials for the application. This approach far better than any Single Sign On (SSO) solution since credentials can be passed within the application itself, directly from the Password Safe, to secure runtime and avoid hacking techniques like Pass-the-Hash.
How to Access the API
The PowerBroker Password Safe API is available to BeyondTrust Technology Alliance Program partners. Become a partner by registering here. Once you register, you will gain access to our partner program, the public PowerBroker Password Safe API, and sample code to help start your development and make your applications more secure by eliminating the need for end users to ever enter credentials. If you have any questios.Morey J. Haber, Chief Security Advisor
Morey J. Haber is the Chief Security Advisor at BeyondTrust. As the Chief Security Advisor, Morey is the lead identity and technical evangelist at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Privileged Attack Vectors, Asset Attack Vectors, Identity Attack Vectors, and Cloud Attack Vectors. Morey has previously served as BeyondTrust’s Chief Security Officer, Chief Technology, and Vice President of Product Management during his nearly 12-year tenure. In 2020, Morey was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board, assisting the corporate community with identity security best practices. He originally joined BeyondTrust in 2012 as a part of the acquisition of eEye Digital Security, where he served as a Product Owner and Solutions Engineer, since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. Morey earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.