BeyondTrust Announces Password Management API

BeyondTrust, a global information security company dedicated to preventing privilege abuse, announced a free API that enables users to call stored credentials from its PowerBroker Password Safe. The PowerBroker Password Safe API retrieves the most up-to-date credentials for a given user, application, infrastructure, cloud solution, or database. BeyondTrust designed the API to remedy shortcomings of single sign-on and simplify developer access to secure credential management.

"In our dedication to preventing privilege misuse and stopping unauthorized access, BeyondTrust recognizes the importance of safeguarding sign-on credentials as the next step in secure Authentication," Morey Haber, BeyondTrust Vice President of Technology, commented in a press release.

BeyondTrust names three specific benefits of using the API: secure credential management, simplified developer access, and protection from SSO hacks. Developers can call the PowerBroker Password Safe API to retrieve credentials instead of entering static credentials, which allows more secure management. Developer access is simplified because the need for username and password entry is eliminated: credentials are stored and retrieved automatically. The logged-on user is recognized and credentials are seamlessly passed for a given application. Since credentials are shared directly within an application, hacking techniques such as pass-the-hash and keystroke logging are rendered ineffective.

The API is available to all BeyondTrust Technology Alliance Program partners. When credentials are called through the API, they are released when the session ends. At this point, passwords are automatically and randomly cycled to ensure security, and the end user is never exposed to a username or password. Authentication occurs silently behind the scenes. Auditing of all activities is available for those who need such functionality. To assist developers with getting started, BeyondTrust has published sample code. Code samples are available in C# (.NET), PowerShell, Ruby, Python, Java and Bash shell.
