Corsha's Latest Release Connects Cloud Identity Providers

Written by Chris Parlette | Mar 18, 2025 4:30:00 PM

New Features in Corsha v1.21

Corsha allows for easy provisioning of cryptographic identities, automatic rotation, utilization of one-time-use credentials, and real-time access control for every trusted API client in your core application infrastructure. To further expand the management of your machine identities, the Corsha Identity Provider for Machines can now import your existing Microsoft Entra ID secrets to provide an agentless solution for viewing, discovering, and managing the use of those identities.

Many organizations are still figuring out how to manage the rapid expansion of their machine identities. This shift highlights a need for a single dashboard that can show identity usage, behavioral analysis, and administrative options. Additionally, not all API clients are internally managed, so the hygiene and use of API secrets held by third-party machines become a new threat vector.

Import Identities from Microsoft Entra ID 

Microsoft Entra ID identities can be imported into the Corsha Identity Platform. This import includes machine identities using client secrets or certificates, as well as user principal names. After importing, Corsha will monitor all client secrets and certificates for App Registrations within your Azure Tenant. Any traffic using one of those identities will be shown as a “managed” identity, giving stronger visibility into and control over how that identity is being used. By importing and syncing directly from Microsoft Entra ID, the source of the provisioned identities is maintained while you gain discovery of those secrets and visibility into their usage.

Advanced Analytics

With the import of machine identities from Entra ID, Corsha can now perform advanced analysis on the use of those identities. If a credential gets used from multiple different IP addresses, the Corsha Console can show this re-use and let you drill into that data. Corsha administrators can see the amount of traffic from each IP address and see the individual requests that were made.

Corsha can also show you violations of secret lifecycle policies, including:

  • Secret Age: Monitors the lifespan of client secrets, certificates, and user passwords to identify those that have been active for an excessive period. The severity of this violation increases with the duration of the secret’s age.
  • Excessive Validity Period: Identifies client secrets and certificates with excessively long validity periods. The severity of the violation escalates with the length of the validity period, as prolonged lifetimes increase the risk of security vulnerabilities.
  • Expired Secret: Detects machine identities whose secrets or certificates have expired and are no longer valid, ensuring that only active credentials are in use.
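
The three lifecycle checks listed above can be sketched as follows. This is an added example, not Corsha's code or policy engine: the 90-day and 365-day limits, the severity bands, and the sample records are assumptions, and the field names follow the shape of a Microsoft Graph `passwordCredential` object.

```python
from datetime import datetime, timedelta, timezone

# Assumed policy limits; the page does not state Corsha's thresholds.
MAX_AGE = timedelta(days=90)
MAX_VALIDITY = timedelta(days=365)

def severity(actual, limit):
    """Severity escalates with how far the duration exceeds the limit (assumed bands)."""
    ratio = actual / limit
    return "high" if ratio >= 2 else "medium" if ratio >= 1.5 else "low"

def parse(ts):
    # Accept the trailing "Z" that Graph-style timestamps carry.
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def lifecycle_violations(cred, now):
    """Return a list of (policy, severity) tuples for one credential record."""
    start, end = parse(cred["startDateTime"]), parse(cred["endDateTime"])
    found = []
    if end <= now:
        # The page gives no severity scale for expiry, so none is assigned.
        found.append(("Expired Secret", None))
    elif now - start > MAX_AGE:
        # Age only applies to secrets that are still active.
        found.append(("Secret Age", severity(now - start, MAX_AGE)))
    if end - start > MAX_VALIDITY:
        found.append(("Excessive Validity Period", severity(end - start, MAX_VALIDITY)))
    return found

# Constructed sample records (not real tenant data).
NOW = datetime(2025, 3, 18, tzinfo=timezone.utc)
SAMPLE = [
    {"keyId": "cred-a", "startDateTime": "2025-02-01T00:00:00Z", "endDateTime": "2025-08-01T00:00:00Z"},
    {"keyId": "cred-b", "startDateTime": "2024-06-01T00:00:00Z", "endDateTime": "2026-03-01T00:00:00Z"},
    {"keyId": "cred-c", "startDateTime": "2023-01-01T00:00:00Z", "endDateTime": "2024-01-01T00:00:00Z"},
    {"keyId": "cred-d", "startDateTime": "2024-12-01T00:00:00Z", "endDateTime": "2025-06-01T00:00:00Z"},
]

def audit(creds, now):
    """Map each keyId to its violations, omitting clean credentials."""
    report = {c["keyId"]: lifecycle_violations(c, now) for c in creds}
    return {k: v for k, v in report.items() if v}

if __name__ == "__main__":
    for key_id, violations in audit(SAMPLE, NOW).items():
        print(key_id, violations)
```
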

Observability

The Corsha Console displays API traffic details for all requests. You can then view this traffic through a variety of lenses, including:

  • Identities that have been imported vs. identities that need to be imported
  • Per-Gatekeeper statistics
  • Per-client requests
  • Machine Group requests
  • Secret use from a single IP address

Gatekeeper Management

The Corsha Console can now show the status and details of your deployed Gatekeepers. This view gives you the real-time status of all services being protected by the Corsha Gatekeeper as well as all traffic being generated by the clients of those services. Drill-down options exist for all successful and failed traffic requests across multiple protocols, including HTTP, OPC UA, and Modbus TCP.

Dual Gatekeeper

Corsha Gatekeepers can now be deployed in bidirectional mode, where they act both as an authenticator that adds MFA credentials to an outbound API call and as a gatekeeper that checks inbound traffic for MFA tokens. This greatly simplifies the deployment of Corsha for services that both receive and send API requests. Managing these Dual Gatekeepers in the Corsha Console lets you allow or deny access in either direction independently, for maximum control of machine communication.

Benefits

  • An Agentless Solution: While Corsha’s MFA technology provides the highest trust of a machine identity, not all API clients and workloads can be paired with an authenticator. In these scenarios, management of the API secrets and visibility into machine traffic allows for authentication that adapts to the identifying features of the API client. The Corsha Gatekeeper can manage requests from both agentless clients and authenticator-based deployments at the same time.

  • Discovery and Visibility: By using the Corsha Gatekeeper in front of your API services, all API requests can be viewed and analyzed in real time. This provides a single pane of glass to see how machine identities are used and if secrets are being shared or stolen.

  • Easily Integrate with Existing IdPs: Organizations that provision app secrets and machine credentials through Microsoft Entra ID can utilize Corsha to automatically import those known identities. This integration helps you maintain a single source of truth while getting extended visibility and management.

  • Manage Usage of Provisioned Secrets: Once app secrets are provisioned, it’s challenging to enforce policies on usage and distribution. Corsha can now help you view the usage patterns of these secrets and prevent misuse by blocking reused credentials or scheduling access based on need.

How You Can Get It

The latest version of Corsha provides you with all of these features and benefits, with both on-premises and cloud deployment options. Contact us to learn more about how Corsha can serve as your identity provider for machines. Current customers using Corsha Enterprise can work with their technical account manager to upgrade to this latest release. Corsha Cloud customers will be notified when the upgrade is complete on their managed deployment.