Press release

Aporeto Expands Comprehensive Zero Trust Security Solution with Privileged Access Management and Identity-Aware Proxy

Sponsored by Businesswire

Aporeto, the leader in Identity-Powered Cloud Security, today announced
the immediate availability of Cloud Privileged Access Management (PAM)
for infrastructure and Identity-Aware Proxy for modern applications.
These new services represent a significant expansion of the Aporeto Zero
Trust security solution to protect user access to applications and
infrastructure. When implemented along with Aporeto’s Distributed
Firewall, which enables workload identity-based microsegmentation, the
new combined offering represents the most comprehensive Zero Trust
security solution available for modern applications and infrastructures.

The Aporeto platform abstracts security away from the IP infrastructure
to address application segmentation requirements and improves the risk
posture of any application. With centralized management and distributed
enforcement, policies protect applications on premises, on public
clouds, or as they migrate between the two. The adherence of security
policies to application components rather than the infrastructure makes
them portable and persistent.

Aporeto delivers a Zero Trust security solution by bringing the power of
Identity to cloud infrastructure, providing single sign-on (SSO)
authentication, visibility, and authorization controls for heterogeneous
workloads on-premises or in any public cloud. By leveraging capabilities
already present in industry standards such as OpenSSH and OpenID Connect
(OIDC), organizations can dramatically improve their security posture
without modifying any underlying application. Aporeto limits a user’s
interaction with any part of enterprise infrastructure based on his
identity, including user-context information, and based on policy. This
capability enables enterprises to comply with regulations without the
need to manage SSH keys or VPN tunnels.

“We see customers continuing to struggle with managing secure access to
applications and infrastructure, from privileged insiders accessing
servers and cloud images to end users who need secure access to Web
applications or APIs,” said Jason Schmitt, CEO of Aporeto. “With the
Aporeto identity-based cloud security platform, we are able to
authenticate, authorize, and encrypt every interaction within your cloud
infrastructure, providing just-in-time access to what’s needed, when
it’s needed and only when policy explicitly allows it. We’re helping
customers throw out the old paradigm of appliance-based perimeter
security, like firewalls and VPNs.”

Cloud PAM provides just-in-time server access with visibility and
control for any server on your infrastructure, providing:

  • Elimination of SSH key management complexities
  • Access controls based on the user’s authenticated identity and
    time-bound policies
  • Just-in-time SSH access, with SSH certificates
  • Compatibility with OpenSSH nodes
  • SSO with OIDC-compliant 3rd-party IDPs
  • Logging of all CLI commands issued by users for auditability and
  • Seamless integration with Aporeto’s Distributed Firewall for
    networkless micro-segmentation

Identity-Aware Proxy enables VPN-less access to corporate web
applications and APIs by using identity and context to control access.
The benefits are:

  • Elimination of VPNs and API gateways to manage secure access to web
  • Enablement of OIDC-compliant authentication and authorization with
    zero code changes, offloading strong access control from business logic
  • Enforcement of granular authorization policies based on user identity,
    differentiating between corporate users, B2B partners, and contractors

“We are excited about our partnership with Aporeto and showcasing these
new Zero Trust services to our customer base,” said Jimmy Xu, Practice
Lead, DevSecOps & Cloud Security at Trace3. “We already have had great
traction with our customers with Aporeto’s workload identity-based
microsegmentation product and look forward to meeting the most demanding
security needs of enterprise customers looking for privileged access
management solutions as part of their cloud adoption journey.”

About Aporeto
Aporeto is the leader in Identity-Powered
Cloud Security for hybrid and cloud environments. Rather than relying on
IP addresses or simple token identifiers, Aporeto microsegments
enterprise infrastructure and applications based on cryptographic
workload and user identities for a Zero Trust posture. The solution
protects against attacks and prevents lateral movement with application
policies that are portable and persistent for end-to-end visibility and
centralized management. The Aporeto platform future-proofs your
infrastructure and delivers stronger cloud security, simpler operations,
and better ROI for any infrastructure at any scale. Learn more at