Xton Access Manager Product Update 2.3.201902242229
Today we released new update to the Xton Privileged Access Manager software. Highlights of this update include Secure-IDs option to hash internal object IDs prevent an external observer to enumerate or scan system objects by IDs:
Added Secure-IDs option to hash internal object IDs for the application interfaces
The update enables the option to display and to require all internal object IDs in the system in the randomized form for both GUI and API interfaces prevent an external observer to enumerate the system objects. The option is controlled by the system parameters xtam.secured.ids=true and could be disabled.
The option also allows to disable strict check of the Secured-IDs passed to GUI and API functions for backward compatibility with the existing URLs and scripts controlled by the option xtam.secured.ids.strict=true enabled by default in new installations.
Note that the option provides a deterministic algorithm to hash IDs matching the same Secure-ID for the same internal ID. The option could be safely enabled and disabled during operations without effect on the internal system integrity. However, the external scripts using system API might be affected in case they used hard coded IDs or relied on the fact that system internal IDs are numbers. New hashed IDs are strings.
The option is enabled by default for all new deployments but could be disabled using system properties discussed above. The option is not enabled for the existing installations but it could be enabled using the same parameters in the configuration files.
Please review key features documentation and product news using the links below
- Object Access Report
- Using Public Key Authentication with native SSH Applications for Secure Sessions
- Automatically Rerun Failed Jobs or Tasks
- Getting Started Guide
- Xton Technologies News and Events
- Xton Access Manager How-To Guides
- Explore Our PAM Features and Highlights
- Explore a pre-configured live demo in our environment
- Best Practices Guide provides insights into both Concepts and Design elements for users looking to build out their PAM deployment
The software requires about five minutes to install on a freshly built Windows or Linux server or desktop with 1+ Gb RAM and no pre-requisites. After installation, please follow our Getting Started Guide for step-by-step introduction to the application.
Read the product documentation including Windows and Linux installation instructions as well as Getting Started Guide: https://www.xtontech.com/resources/documentation/
Follow this link for the instructions how to update the existing setup: https://www.xtontech.com/resources/faq/updating-xton-access-manager-version/
Check the software pricing, including options and licensing FAQ: https://www.xtontech.com/store/
We appreciate your feedback and comments about Xton Access Manager and also about handling privileged accounts, passwords, keys and certificates as well as sessions to remote computers in general.
Thank you for your interest in our product.
Xton Technologies team
Xton Access Manager for Privileged Access Management (PAM) provides complete, control for your privileged passwords, secrets, certificates and documents to meet audit requirements while limiting your risk of security breaches. It’s easy to install, affordable, cloud-ready and offers unlimited use and storage
Please fill out this form to receive a download link to get started today, even on your current desktop or laptop. Documentation is available to help or you can email or call us to request a trial extension, discuss questions and share your feedback. We would love to talk to you.