ConductorOne’s first official Launch Week is coming to an end!
Here is a brief recap of the exciting announcements and launches that are now available to the public.
Announcing Hybrid Infrastructure Support
We announced ConductorOne’s hybrid infrastructure support on Monday, July 24th. ConductorOne supports hybrid infrastructure with a new series of connectors, including LDAP and Active Directory, that connect to all of your self hosted infrastructure. Our Baton SDK also allows you to connect your homegrown or back office support portal directly to ConductorOne to make the platform your homebase for user access and visibility.
These connectors can be hosted with full capabilities to ingest identities and permissions and make access changes, from within your infrastructure, without having to modify ingress or firewall rules. Supporting hybrid infrastructure also means supporting non-cloud native directories and databases. Our new connectors for Active Directory, LDAP, MS SQL Server, MySQL, Postgres, and many more power identity security for your entire environment.
Learn more about ConductorOne’s hybrid infrastructure support on our blog written by product manager, Shruti Banda.
How HashiCorp Achieved Least Privilege Through Just-in-Time Access with Will Bengtson
No one knows the struggles of scaling and managing access to cloud infrastructure better than Will Bengston from HashiCorp. Will is a security researcher, an angel investor, and currently leads the Security Engineering team at HashiCorp. HashiCorp has over 20,000 AWS accounts and 100,000+ IAM groups; they needed a modern approach to managing sensitive access and permissions for these resources, and traditional off the shelf PAM solutions didn’t cut it. So, they did what modern tech companies do in that situation and built a solution for themselves.
On Tuesday, July 25th, the latest episode of the All Aboard Podcast was released. Our CEO and host of All Aboard, Alex Bovee, dives into the world of security engineering and cloud privilege access management with Will Bengston.
Hear Will and Alex talk about the key differences between traditional PAM and cloud PAM and how Will’s team grappled with the explosion of infrastructure accounts and permissions in their environment. Will describes the Security Engineering team at HashiCorp and how they home grew a cloud privileged access management solution with a practical framework and approach for achieving least privilege access.
Check out the full episode on our blog or on your favorite place to listen to podcasts and subscribe to receive notifications of new episodes bi-weekly from numerous security and technology experts.
Announcing Cloud Privileged Access Management
We’ve taken a big step forward in our mission to secure workforce identity with the announcement of our newest product, Cloud Privileged Access Management (CPAM), which was officially launched Wednesday, July 26th.
With CPAM, security engineering and IT teams can manage permissions and enforce policies for cloud infrastructure accounts in AWS, GCP, Azure, Snowflake, and more without getting in the way of productivity for technical users.
Some of the features our customers are excited about are:
- Access management “as code” using Terraform
- Temporary elevated access to privileged roles
- Emergency access workflows
- Command line tool for managing permissions and requests
- Public API access for custom use cases
As our CEO and co-founder says, “Elevating access levels should be seamless and easy… and then the permissions should be gone. This is how least privilege is achieved.”
And our customers agree. Julien Colombain, Software Engineer at Ramp, says “We are able to significantly reduce our standing AWS permissions by moving to just-in-time access. Our CLI tool integrates with ConductorOne so our engineers can access the resources they need without having to worry about missing permissions. Requests are routed efficiently and provisioned automatically. It’s a seamless experience that keeps the team productive and much more secure."
To learn more about CPAM and how it can help your organization, check out the blog, docs,or product page here.
Baton: The Open Source Fabric Powering Identity Security
We have been hard at work updating and adding to Baton, our open-source project. Baton has evolved with ConductorOne, providing the connective tissue communicating and orchestrating identity security workflows to any and all technologies.
What’s new?
Service mode: This makes it possible for you to run Baton in your own infrastructure or on-prem systems, continuously syncing identity and permissions data and orchestrating access changes.
Provisioning support: Almost like a next-gen SCIM, provisioning in Baton lets you make access and fine grained permissions changes back to applications via API calls.
More integrations: Tons of additional integrations including Jamf, Active Directory, Box, Duo, MySQL, Postgres, Zoom, Slack, and so many more.
Baton is the glue that connects an identity security control plane to your environment. We have been hard at work expanding Baton to ensure that any application, homegrown, backoffice, SaaS, you name it, can connect seamlessly to ConductorOne. Baton makes your journey to least privilege possible and we couldn’t be more proud of the continuous evolution of the project.
Learn more about Baton and how it has evolved on theblog post written by our CTO, Paul Querna.
Summary / TLDR
Launch week was chock full of new releases and here are the greatest hits.
Announcing Hybrid Infrastructure Support: ConductorOne supports hybrid infrastructure with a new series of connectors, including LDAP and Active Directory, that connect to all of your self hosted infrastructure.
How HashiCorp Achieved Least Privilege Through Just-in-Time Access with Will Bengtson: Will Bengtson, security researcher, angel investor, and current lead of the Security Engineering team at HashiCorp, dives into the world of security engineering and cloud privilege access management with our CEO and host of All Aboard, Alex Bovee.
Announcing Cloud Privileged Access Management: Our new solution, CPAM, makes it easy for security engineering and IT teams to manage permissions and enforce policies for cloud infrastructure accounts in AWS, GCP, Azure, Snowflake, and more without getting in the way of productivity.
Baton: The Open Source Fabric Powering Identity Security: Baton has evolved with ConductorOne through adding service mode, provisioning support, and numerous more integrations that connect an identity security control plane to your environment.
What’s coming next?
ConductorOne will be attending both BSides on August 8th and 9th and BlackHat on August 9th and 10th. Come say hi and chat least privilege and just-in-time access with the C1rew!
Thank you to everyone who tuned in to learn about all of the new things we have released. We are all so proud to show the world our Cloud PAM solution and to get started with all of you.