Analytics
12/4/2012
09:05 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Aveksa Releases Version 6.0 Of Its Identity And Access Management Software Platform

Aveksa 6 enables enterprises to standardize on a single, centralized database for all identity and access information

Waltham, Mass.—December 3, 2012—Aveksa, Inc., today announced the latest version of its Identity and Access Management platform. Aveksa 6 is designed specifically to help enterprises fully scale their IAM initiatives and manage the “big data” that is now typically associated with Identity and Access Management deployments. New features include:

· Massive performance and scalability features to handle today’s expanded identity data sets

· Aveksa Exchange, an online community for Aveksa customers

· Wider support for the collection and fulfillment of SaaS applications

Gartner analyst Earl Perkins stated in a recent IAM research report, “As IAM implementations continue to grow in number, size, scale and complexity, a more structured and mature approach to managing identity data must occur. Enterprises must rethink the practices to build IAM data and log models, and governance of them.”[1]

Organizations today face two major challenges when it comes to extending Identity and Access Management initiatives across the enterprise. First, they face severe limitations in the ability to scale IAM processes to tens of thousands of users and millions of user entitlements. Secondly, their current IAM solutions are not able to scale or integrate diverse data from a broad set of systems inside and outside the enterprise.

The ability to handle this “Big Identity Data”, which reflects the drastically increased scale, scope and complexity of the enterprise, is a critical requirement to successfully meet today’s and tomorrow’s security challenges. Aveksa 6 is designed to help organizations scale to meet these challenges, while still delivering value rapidly and cost-effectively. Primary new capabilities include:

Massive Scale

Aveksa 6 enables enterprises to standardize on a single, centralized database for all identity and access information, from within and beyond the enterprise. Aveksa 6’s scalability has been successfully demonstrated at recent POCs, where a single Aveksa system successfully loaded and processed over 186 million entitlements across 36 million accounts, and performed user access reviews for over 30 million user access items. To support its scalability testing efforts, Aveksa has established a state-of-the-art performance lab in the company’s new global headquarters in Waltham, Massachusetts.

Integrations to Better Manage “Big Identity Data”

Organizations today face enormous challenges managing the rapidly growing data that resides across the enterprise. The expansion of managing identity access to the cloud and mobile devices has only added to this challenge. Aveksa 6 helps enterprises better manage and control Big Identity Data by enabling them to utilize Identity and Access business context across a wider range of IT security areas. For example, Aveksa 6 provides bi-directional interoperability with Security Information and Event Management (SIEM) systems, such as the HP ArcSight Security Intelligence platform, for which Aveksa recently received HP ArcSight certification. Additionally. Aveksa 6 now provides support for collecting from and fulfilling to a broader set of SaaS applications.

Aveksa Exchange

For many years IT organizations have expressed frustration with the cost and time required to deploy traditional IAM solutions. Aveksa’s architectural approach, emphasizing configuration rather than customization, has allowed Aveksa customers to enjoy the fastest time-to-value and lowest cost of ownership in the industry, with over 70% of customers going live within 4 months of purchase, and with over 90% of its install base in production. With its latest release, Aveksa continues to help enterprises easily and cost-effectively operate their IAM programs by introducing the Aveksa Exchange, an online community where customers and partners can discuss, buy, sell, and exchange components that extend the Aveksa platform.

“Through evolving innovation in product functionality and scalability, Aveksa has established itself as a leader in the Identity and Access Management market,” said Deepak Taneja, Chief Technology Officer, Aveksa. “With Aveksa 6 we significantly raise the bar for IAM by providing the industry’s most scalable and extensible solution. Customers using Aveksa 6 have a true “enterprise” solution that can handle all of their growing IAM requirements while integrating with their other key IT security solutions to maximize efficiency.”

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.