Delinea, a prominent purveyor of solutions which smoothly enhance Privileged Access Management (PAM), has recently been granted a United States patent for its Delegated Machine Credentials (DMC), an innovative technology infused in its Server PAM solution. The patented DMC feature mitigates risk and bolsters automation in DevOps and DevSecOps teams, that need privileged access and authorisation for their cloud or on-premise infrastructure workloads.
The DMC technology streamlines the workflow by delegating entitlements of a specific machine to the workloads running on it. This process lessens the number of service accounts required, significantly shrinking the attack surface and boosting the agility of the development teams. In 2022, GitHub disclosed that 1 in 10 software authors inadvertently exposed a security secret in their repository, with 67% of these consisting of common secrets such as usernames and passwords. DMC's safe and secure method can help to diminish this significant risk.
Delinea’s novel DMC capability assists organisations as an alternative to a vault-centric method. It allows clients to streamline privilege controls on their infrastructure, and efficiently allows machines access using DMC in the Server PAM solution. On enrolling a machine in Server PAM, it is automatically attributed a unique identity with roles, rights, and entitlements. This trust connection can be allocated to any approved applications, services, containers, or comparable workloads operating on that machine.
Utilising a distinctive federation token for developers to connect application components, the system does not require static credentials, thus leaving no potentially compromisable information within the code. This procedure also ensures that tasks are minimised for DevOps teams by implementing privileged access policies for the workloads that are already applied to the machine.
Delinea’s patented DMC approach resolves a contentious issue for DevOps teams ensuring federated access for machine identities. Consequently, it lessens infrastructure operations, significantly reduces service accounts that could potentially be exploited, and supports agility. The vast majority of privileged access requirements for DevSecOps teams are thereby fulfilled. Delinea's Chief Technology Officer, David McNeely, expressed satisfaction on this recognition for the firm's Delegated Machine Credentials, highlighting the enhanced workload authentication compared to traditional application-to-application password concepts.
The introduction of Delinea's Delegated Machine Credentials has empowered developers and security teams with a more reliable and efficient AAPM capability. The use of this pioneering technology will secure IT environments more effectively whilst simultaneously reducing service account privilege sprawl. By fostering machine trust and eradicating the need for in-depth service account utilisation, DMC has set the bar higher for future developments in cybersecurity and privileged access management.