Venafi SSH Protect

Venafi SSH Protect

Prevent compromise or misuse of your SSH machine identities

SSH Protect delivers a comprehensive, automated solution that can discover, remediate, govern and audit all SSH machine identities and the host-to-host connections they enable.

Actively discover and monitor your SSH keys

SSH Protect discovers SSH hosts and SSH keys throughout your infrastructure. So you can create an accurate inventory that’s continuously updated and actively monitor SSH machine across your organization.

Ensure the secure use of your SSH keys

Rapidly identify and mitigate SSH vulnerabilities or insecure configurations that violate your security policies. SSH Protect provides recommended mitigation actions from a single-pane, active dashboard.

Actively discover and monitor your SSH keys

SSH Protect discovers SSH hosts and SSH keys throughout your infrastructure. So you can create an accurate inventory that’s continuously updated and actively monitor SSH machine across your organization.

Ensure the secure use of your SSH keys

Rapidly identify and mitigate SSH vulnerabilities or insecure configurations that violate your security policies. SSH Protect provides recommended mitigation actions from a single-pane, active dashboard.

Remediate SSH keys to prevent misuse

Specify and enforce SSH key policies and continuously monitor policy violations with custom remediation. SSH Protect helps you log when a key was used and by whom as well as automating the provisioning of SSH keys on any device.

Issue SSH certificates via pull provisioning

Increase your SSH security and policy enforcement by switching to SSH certificates—built-in meta data, including an expiration date, make them harder to exploit. SSH Protect gives you improved visibility and insights into who is requesting and deploying SSH certificates.

Prevent SSH audit failures

Failing an SSH audit can lead to large fines, as well as additional costs cleaning up SSH key sprawl. SSH Protect helps you regularly review SSH entitlements, assess risk, avoid compliance violations and increase accountability for identity and access management.

Information 

Key Features

Visibility
  • Discover SSH keys to create an accurate inventory and begin active monitoring.
  • Use agent-based and agentless scanning tools.
  • Organize keys and metadata into folders.
  • Integrate with Active Directory.

 

Intelligence
  • Identify policy violations and vulnerabilities and get recommended actions from a single-pane dashboard.
  • Report on servers, users and access privileges.
  • Map SSH key policy violations to NIST 800-53.
  • Identify insecure configurations and port forwarding.

 

Automation
  • Specify, monitor and enforce SSH key policies, including rotation.
  • Automate custom remediation of policy violations.
  • Log when a key was used and who used it.
  • Integrate with SIEM, CyberArk and others.
  • Automate provisioning on any device via a self-service UI.

Datasheet

SSH Protect