Privileged Password Manager’s Application Password Management Capabilities
Closing the Embedded Application Password Hole
One of the most vulnerable — but often overlooked — aspects of IS security is the embedded passwords required as applications talk to each other or to databases. Often these passwords are hard-coded in scripts, procedures and programs with simple CLI or API calls. As a result, passwords that grant access to some of an organization’s most sensitive data are vulnerable: they can be known by a high number of knowledge workers, haven’t been evaluated (or changed) in years and may exist outside of established security and compliance practices.
Privileged Password Manager’s application password management capabilities eliminate unnecessary security exposure by replacing hard-coded application and database passwords with programmatic calls that dynamically retrieve account credentials. Features include:
Programmatic Access – Includes both a command-line interface (CLI) and an application programming interface (API) with access for C++, Java, .NET and Perl. Connectivity is via SSH with DSS key exchange.
Role-based Access – Supports role-based access for the CLI and API. You add a “programmatic” user with either “basic” access or “admin” access. Basic access enables the CLI or API to request account passwords and be granted access for authorized targets or accounts; this is appropriate, for example, for a “Requestor.” Admin access enables the CLI or API to perform administrative tasks.
Optimal Performance – Natively executes approximately 100 call requests per minute. For applications requiring higher performance, the appliance supports an optional cache that supports more than 1,000 password requests a second, satisfying the requirements of your most demanding applications.
Extensive Command Set – Executes a comprehensive set of commands via the Application Password Manager CLI or API. Beyond simple “Get Password” commands, the solution supports extensive admin-level commands to provide tight integration with existing enterprise tools and workflows.