Analytics
1/9/2013
03:48 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Aveksa Adds Authentication And Single Sign-On To Cloud-Based Identity And Access Management Platform

MyAccessLive SSO now securely connects users to all on-premise and cloud-based Web applications

Waltham, Mass.--January 7, 2013--Aveksa today announced new Single Sign-On (SSO) capabilities for MyAccessLive, Aveksa's Cloud-based Identity and Access Management offering.

With the new MyAccessLive SSO capabilities, the Aveksa cloud platform now securely connects users to all on-premise and cloud-based web applications. It includes a wide range of sign-on options including multi-factor authentication and desktop SSO, and leverages a standards-based framework with pre-built support for thousands of applications. It also includes mobile device support for improved security and accessibility. With this offering, Aveksa uniquely brings a holistic, business-driven approach to SSO, delivering easy application and user on-boarding for IT, while providing simple "one click" access for line-of-business users. Key elements of the new SSO capabilities include:

· Pre-built SSO connectors for thousands of SaaS applications

· A simple, standards-based framework for application onboarding

· "One click" access to applications through desktop and mobile portals

· Easy directory integration for rapid deployment

· Support for policy-based strong authentication, including multi-factor and one-time password

· Desktop SSO for transparent user access to applications

· Support for on-premise web applications

These new capabilities are part of Aveksa's MyAccessLive, a cloud-based offering that provides organizations an easy way to quickly obtain visibility of who has access to what IT resources, and ensure that access is appropriate, based on each user's role and job responsibilities. With these new integrated Single Sign-On capabilities, Aveksa now offers the industry's most complete IAM platform, comprising Identity and Access Governance, Provisioning and SSO Authentication.

With this complete, integrated platform, organizations can quickly, easily and securely:

· Establish business processes which control users' access to all applications, whether on-premise or cloud-based

· Ensure users have only appropriate access to applications, based on a complete picture of users' roles, responsibilities and job functions

· Enable Single Sign-On to cloud and on-premise applications through a unified platform

"Today's enterprises need a comprehensive IAM solution, with integrated governance, provisioning and authentication," said Deepak Taneja, Chief Technology Officer, Aveksa. "With our new SSO capabilities, companies can now meet this need, regardless of whether their IAM systems are deployed on-premise or in the cloud. By delivering the industry's most complete Identity and Access Management solution, Aveksa is enabling enterprises to gain full visibility and control of user access, across all applications."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.