Eliminate Hard-Coded Passwords
XTAM provides a full suite of secure APIs that enables an automated approach to application to application password management. Using this approach, login credentials, passwords and keys no longer have to be embedded into your scripts, rather they are safely stored in the XTAM vault where they are dynamically retrieved when authorized. Furthermore, this allows for greater XTAM controls including audit logging, periodic password rotation and generating random and highly complex password strings.
- Forever remove hard-coded passwords from your scripts which leaves your passwords vulnerable to both internal and external threats.
- Automatically rotate application or database credentials ensuring passwords are maintained and periodically updated to prevent unauthorized access.
- Configure complex password formulas to limit the risk of phishing and social engineering attacks.
- Comply with your strictest of IT security policies and regulations.
Secure your Enterprise DevOps
XTAM supports the delegation of local users, groups and API token management to individual department or teams owners in the vault. This ability allows the system to support fast operating DevOps teams now capable to quickly manage access for users and scripts in different environments but still follow secure practices provided by privileged account management server without requesting necessary resources from system administrators.
Additionally, XTAM allows delegation of application access password management (AAPM) to independent DevOps teams enabling them to store sensitive keys and passwords used by scripts and applications in the secure vault and control access to this information by scripts using unique and secure tokens.
- Delegate access control, permission maintenance and token management to the department or team owners that know their needs and requirements best.
- Promote corporate best practices of managing control of privileged accounts to agile operations teams.
- Easily enable the use of application access password management throughout your Enterprise DevOps teams.
- Provide secure connectivity to databases directly from the user’s native Database client using XTAM’s built-in Oracle Proxy.
Full REST API Suite with Authentication Tokens
Through the use of XTAM’s API, you can securely access any objects stored within the solution. For increased security, the API requires the user or system successfully authenticates and verifies that it has permissions to the requested object before access is initiated. Permissions are maintained within the solution and enforced however the user or system interacts with these objects.
Authentication Tokens are also available that takes it a step further than simple user/password authentication. Tokens can be generated, enabled/disabled, tracked and IP restricted to provide even greater control and security of your secrets stored within XTAM.
- Integrate applications or ticketing systems with XTAM using our full REST API library.
- Zero trust model means that your secrets remain secure until the user or application authenticates and validates their permissions.
- Generate on-demand authentication tokens for enhanced control and security when using the API.
- Fully interactive, web based API documentation accessible directly from within XTAM.
- Comprehensive API examples available in today’s most popular languages including PowerShell, Shell, Python and VBScript.