strongDM Integrates with Okta and Azure AD
February 03, 2022

strongDM announced a major release, featuring deep integrations with Okta and Azure AD and the ability to create and enforce dynamic access rules.

Businesses can now manage least-privilege access to their critical infrastructure directly from their identity provider, simplifying access management workflows and accelerating development cycles—all while supporting Zero Trust security for hybrid and multi-cloud environments.

While identity providers deliver identity-based access for most web applications, critical infrastructure has been the exception. This gap has put the burden on technical staff to manage disparate workflows, track tickets and approvals, duplicate user and group management structures, and adhere to security policies without violating compliance standards.

But today's infrastructure diversity and ephemerality have pushed this problem beyond human scale. Businesses need an access management solution that centralizes and standardizes all controls, supports a Zero Trust access model, and allows admins to automate workflows and manage access as code.

With this release, strongDM enables businesses to enforce a powerful set of access rules based on attributes such as tags, resource types, and geographic location. Also known as attribute-based access control, access is granted dynamically to roles and their users every time a resource gets spun up or torn down.

Dynamic access controls dramatically simplify the management of permissions and are particularly compelling for those companies that have embraced the infrastructure-as-code mantra, have lots of resources (especially ephemeral ones), and require the flexibility of an access control system that can adapt in lockstep with the infrastructure.

"By connecting identity management solutions with privileged access controls, businesses are finally able to bring identity and access together in one workflow without sacrificing usability, security, or speed," said Justin McCarthy, Co-Founder & CTO at strongDM. "On top of that, because DevOps teams continually strive for greater speed and flexibility, dynamic access controls will help them achieve those objectives, especially as environments become increasingly ephemeral."

With these integrations, businesses can do the following directly from Okta, Azure AD, and any SCIM-based identity provider:

- Centralize employee access to every resource, regardless of location or protocol, with one control plane.

- Instantly authenticate, grant, and revoke just-in-time and audited access to databases, servers, and Kubernetes.

- Replace VPNs and bastion hosts with a secure Zero Trust network.

- Temporarily approve elevated privileges for sensitive operations.

With dynamic access controls, businesses can do the following:

- Manage a rapidly growing infrastructure that has lots of resources, especially ephemeral ones.

- Grant access based on a resource's attributes, not the specific physical resource.

- Use human words and simple sentences to create access rules that dynamically change when resources change (i.e., are brought online or go offline).

- Enforce either role- or attribute-based access controls.

Share this

Industry News

March 28, 2024

Check Point® Software Technologies Ltd. announced a collaboration with Microsoft that utilizes the Microsoft Azure OpenAI Service to enhance Check Point Infinity AI Copilot, marking a significant advancement in cyber security AI applications.

March 28, 2024

ArmorCode announced ArmorCode Risk Prioritization, providing a 3D scoring approach for managing application security risks.

March 28, 2024

AppViewX and Fortanix announced a partnership to offer cloud-delivered secure digital identity management and code signing.

March 27, 2024

WaveMaker has updated its platform in response to customer demand for more sophisticated API and code management tools.

March 27, 2024

Vercara announced the launch of UltraAPI™, a product suite that protects APIs and web applications from malicious bots and fraudulent activity while ensuring regulatory compliance.

March 27, 2024

Legit Security announced the launch of its standalone enterprise secrets scanning product, which can detect, remediate, and prevent secrets exposure across the software development pipeline.

March 26, 2024

Progress announced a strategic partnership with Veeam® Software, the #1 leader by market share in Data Protection and Ransomware Recovery, to provide customers with an enterprise-ready cyber defense solution that strengthens the security of their business-critical data.

March 26, 2024

GitGuardian released its Software Composition Analysis (SCA) module.

March 26, 2024

DataStax announced a milestone in its journey to simplify enterprise retrieval-augmented generation (RAG) for developers by integrating with Microsoft Semantic Kernel.

March 25, 2024

Check Point® Software Technologies Ltd. is collaborating with NVIDIA to enhance the security of AI cloud infrastructure. Integrating NVIDIA BlueField DPUs, which feature a broad range of purpose-built, innovative security capabilities, the new Check Point AI Cloud Protect solution will help prevent threats at both the network and host levels.

March 25, 2024

Sentry announced the release of Autofix, an AI-powered feature to debug and fix code in minutes, saving important time and resources.

March 25, 2024

Apiiro announced a product integration and partnership with Secure Code Warrior, the agile developer security training platform, to extend its ASPM technology and processes to the people layer.

March 21, 2024

Progress announced that Progress® Semaphore™, its metadata management and semantic AI platform, was named a Champion in SoftwareReviews’ 2024 Metadata Management Emotional Footprint Awards.

March 21, 2024

The Cloud Native Computing Foundation® (CNCF®) has partnered with Udemy, an online skills marketplace and learning platform.

March 21, 2024

GitLab has acquired Oxeye, the provider of a cloud-native application security and risk management solution.