“An identity refers to an attribute or set of attributes that uniquely describe an agency user or entity. Agencies should ensure and enforce that the right users and entities have the right access to the right resources at the right time.”
Agency authenticates identity using either passwords or multi-factor authentication (MFA)
Agency authenticates identity using MFA
Agency continuously validates identity, not just when access is initially granted.
Corsha gives you the ability to continuously validate the identity of entities by giving users the option of enforcing MFA on every API call
Corsha assigns dynamic identities to all machines (entities) that access your APIs whether they are in the cloud, on premise or working together in a hybrid environment
Agency only uses onpremises identity providers.
Agency federates some identity with cloud and onpremises systems.
Agency has global identity awareness across cloud and on-premises environments
Agency manually administers and orchestrates (replicates) identity and credentials.
Agency uses basic automated orchestration to federate identity and permit administration across identity stores.
Agency fully orchestrates the identity lifecycle Dynamic user profiling, dynamic identity and group membership, just-in-time and just-enough access controls are implemented
Corsha provides a fully automated and cryptographically verifiable platform to assign, rotate and manage dynamic identities of all of the machines and groups of machines that are accessing your APIs, giving you the ability to also revoke access to a machine or group of machines in real-time.
Identity will form a core component of an agency’s ZTA. Least privilege access, which underpins zero trust, depends on the ability to assure the identity of the entity receiving access. The Zero Trust Maturity Model moves away from simply using passwords to validate identity and instead uses a combination of factors to validate and continuously verify that identity throughout the duration of their interactions with services or data.
As agencies migrate services to the cloud, their users will have identities among a variety of providers. To effectively manage these identities and align security protections holistically, agencies will need to integrate their on-premises identities with those in the cloud environments. These integrated identities, however, can increase the attack surface of the agency because a compromised identity or identity provider may permit access across the broader agency environment.
Corsha’s identity-first platform gives the ability to assure the identity of your machines (entities) that are receiving access. Corsha’s platform ensures you can move away from static passwords (keys and certificates) and use a combination of machine identity and a one-time use MFA credential to validate identities. Rather than verifying the identity at the beginning of each session, Corsha’s technology helps you continuously verify that identity on every API call.