PrivX uses short-term credentials to provide just-in-time access to servers.

Access is granted based on the user's role. Provisioned credentials

are created on demand, only valid for a short time, and never stored

to disk.



Improve security

Access to endpoints is provisioned using on-demand short-lived

certificates that are valid for only a few minutes and never written

to disk nor exposed to end-users. This completely eliminates the risk

of credential theft, removing the greatest security risk in privileged

access management.



Reduce costs

PrivX works using existing SSH clients and servers, so there is no

need to add or replace components of the SSH infrastructure. The lack

of dependence on external components translates to minimal disruptions

to network infrastructure, and reduced maintenance costs.



Using short-lifetime access certificates provided by PrivX eliminates

the need for certificate revocation or key rotation.

https://help.ssh.com/support/solutions/articles/36000036925-privx-administrator-manual#idp4

Comments

Popular posts from this blog

Check MySQL query history from command line

Installing chocolatey on Windows