Overview

CyberArk SSH Manager for Machines (formerly known as Venafi SSH Protect) is a comprehensive solution designed to manage the complete SSH machine identity lifecycle. It helps organizations track and organize the vast number of SSH keys used, ensuring none are left exposed for adversaries to exploit. This solution provides visibility and control over thousands or millions of SSH keys, preventing unauthorized access and ensuring compliance with security policies.

Features

• Complete SSH Lifecycle Management: Always be able to see which keys are being used where, by whom, and determine when to rotate them since keys never expire.
• Comprehensive Discovery and Inventory: Discover SSH host and authorized keys throughout your organization and maintain an up-to-date, actionable inventory.
• Batch Remediation and Replacement: Make quick, policy-compliant work of batch remediation and replacement, revoking and rotating SSH keys in bulk through comprehensive automation and policy enforcement.
• Visibility and Control: Establish a clear overview of keys and their trusted relationships, including users, hosts, and configurations. Log when any keys are used, the time used, and who used them.
• Flexible Reporting: Take advantage of flexible reporting capabilities for simplified auditing workflows.
• Policy Enforcement: Define SSH use policies and coordinate the full SSH lifecycle, mapping policy violations to NIST 800-53 with ease.
• Automation: Automate the full SSH machine identity lifecycle to maintain InfoSec oversight and control, completing audits on time and on budget to eliminate potential fines.
• Scalability: Prevent unauthorized access with a fast, automated service that scales to control millions of SSH keys. Mitigate high-priority threat exposure by quickly updating keys in bulk.
• Ease of Use: Generate and rotate SSH keys with a single click, working within a highly secure, highly available platform.
• Integration: Quickly and easily adopt SSH keys and certificates through integrations with multiple configuration solutions. Transition to SSH certificates with the built-in CA or multiple CAs of your choice with defined issuance restrictions.
• Development Support: Use your operating system of choice or take advantage of software development kits for Go, Python, and Java.

Benefits

• Enhanced Security: Prevent misuse and compromise of SSH keys, ensuring that none are left exposed for adversaries to exploit.
• Compliance: Maintain compliance with security policies and standards, avoiding potential fines and ensuring regulatory adherence.
• Operational Efficiency: Automate key management processes, reducing manual effort and minimizing the risk of human error.
• Scalability: Manage thousands or millions of SSH keys efficiently, scaling with your organization's needs.
• Visibility: Gain comprehensive visibility into SSH key usage, ensuring that all keys are tracked and managed effectively.
• Cost Savings: Reduce costs associated with manual key management and potential security breaches.