CISA Zero Trust Security Model What it means for API Security

Identity

“An identity refers to an attribute or set of attributes that uniquely describe an agency user or entity. Agencies should ensure and enforce that the right users and entities have the right access to the right resources at the right time.”

Authentication

Traditional

Agency authenticates identity using either passwords or multi-factor authentication (MFA)


Advanced

Agency authenticates identity using MFA


Optimal

Agency continuously validates identity, not just when access is initially granted.

Authentication Icon
How Corsha Helps

Corsha gives you the ability to continuously validate the identity of entities by giving users the option of enforcing MFA on every API call

Group 12@2x
How Corsha Helps

Corsha assigns dynamic identities to all machines (entities) that access your APIs whether they are in the cloud, on premise or working together in a hybrid environment

Identity Stores

Traditional

Agency only uses onpremises identity providers.


Advanced

Agency federates some identity with cloud and onpremises systems.


Optimal

Agency has global identity awareness across cloud and on-premises environments

Automation & Orchestration Capability

Traditional

Agency manually administers and orchestrates (replicates) identity and credentials.


Advanced

Agency uses basic automated orchestration to federate identity and permit administration across identity stores.


Optimal

Agency fully orchestrates the identity lifecycle Dynamic user profiling, dynamic identity and group membership, just-in-time and just-enough access controls are implemented

Automation & Orchestration Capability icon
How Corsha Helps

Corsha provides a fully automated and cryptographically verifiable platform to assign, rotate and manage dynamic identities of all of the machines and groups of machines that are accessing your APIs, giving you the ability to also revoke access to a machine or group of machines in real-time.

Corsha's Alignment to the
Identity Pillar

Identity will form a core component of an agency’s ZTA. Least privilege access, which underpins zero trust, depends on the ability to assure the identity of the entity receiving access. The Zero Trust Maturity Model moves away from simply using passwords to validate identity and instead uses a combination of factors to validate and continuously verify that identity throughout the duration of their interactions with services or data.

As agencies migrate services to the cloud, their users will have identities among a variety of providers. To effectively manage these identities and align security protections holistically, agencies will need to integrate their on-premises identities with those in the cloud environments. These integrated identities, however, can increase the attack surface of the agency because a compromised identity or identity provider may permit access across the broader agency environment.

How Corsha Helps

Corsha’s identity-first platform gives the ability to assure the identity of your machines (entities) that are receiving access. Corsha’s platform ensures you can move away from static passwords (keys and certificates) and use a combination of machine identity and a one-time use MFA credential to validate identities. Rather than verifying the identity at the beginning of each session, Corsha’s technology helps you continuously verify that identity on every API call.

Get started today

Reach out today to request a demo

Request a Demo
Contact Us