Analytics
1/9/2013
03:48 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Aveksa Adds Authentication And Single Sign-On To Cloud-Based Identity And Access Management Platform

MyAccessLive SSO now securely connects users to all on-premise and cloud-based Web applications

Waltham, Mass.--January 7, 2013--Aveksa today announced new Single Sign-On (SSO) capabilities for MyAccessLive, Aveksa's Cloud-based Identity and Access Management offering.

With the new MyAccessLive SSO capabilities, the Aveksa cloud platform now securely connects users to all on-premise and cloud-based web applications. It includes a wide range of sign-on options including multi-factor authentication and desktop SSO, and leverages a standards-based framework with pre-built support for thousands of applications. It also includes mobile device support for improved security and accessibility. With this offering, Aveksa uniquely brings a holistic, business-driven approach to SSO, delivering easy application and user on-boarding for IT, while providing simple "one click" access for line-of-business users. Key elements of the new SSO capabilities include:

· Pre-built SSO connectors for thousands of SaaS applications

· A simple, standards-based framework for application onboarding

· "One click" access to applications through desktop and mobile portals

· Easy directory integration for rapid deployment

· Support for policy-based strong authentication, including multi-factor and one-time password

· Desktop SSO for transparent user access to applications

· Support for on-premise web applications

These new capabilities are part of Aveksa's MyAccessLive, a cloud-based offering that provides organizations an easy way to quickly obtain visibility of who has access to what IT resources, and ensure that access is appropriate, based on each user's role and job responsibilities. With these new integrated Single Sign-On capabilities, Aveksa now offers the industry's most complete IAM platform, comprising Identity and Access Governance, Provisioning and SSO Authentication.

With this complete, integrated platform, organizations can quickly, easily and securely:

· Establish business processes which control users' access to all applications, whether on-premise or cloud-based

· Ensure users have only appropriate access to applications, based on a complete picture of users' roles, responsibilities and job functions

· Enable Single Sign-On to cloud and on-premise applications through a unified platform

"Today's enterprises need a comprehensive IAM solution, with integrated governance, provisioning and authentication," said Deepak Taneja, Chief Technology Officer, Aveksa. "With our new SSO capabilities, companies can now meet this need, regardless of whether their IAM systems are deployed on-premise or in the cloud. By delivering the industry's most complete Identity and Access Management solution, Aveksa is enabling enterprises to gain full visibility and control of user access, across all applications."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.