2013: A Security Odyssey

31 12 2013

What did 2013 hold for Thycotic Software? New partners, software releases, and other exciting milestones. Join us for our movie themed year-in-review.

This year, in the wake of dozens of newsworthy data breaches, the landscape for IT security broadened with every headline. The importance of securing privileged credentials and managing identity went from a “nice to have” to a “need to have” seemingly overnight. It became more apparent from IT teams across the globe that a spreadsheet was no longer a trusted, secure repository to manage privileged passwords in an organization.

So what did this mean for Thycotic? Keeping a close eye on security trends, we listened to our customers and built the features they requested to solve their most essential use-cases in privileged account management. But that wasn’t all we did.

Here are just a few highlights of what made 2013 a defining year for Thycotic Software.

Let it snow, let it snow? More like, let it grow, let it grow!

Inc. Magazine named us one of the Top 5000 Fastest Growing Companies in the US, and #33 in the top 100 fastest growing companies in DC. We couldn’t be more honored to receive this privilege. Our growth is attributed directly to our fantastic customers and our intelligent, hard-working team.

Lions, Tigers, and Splunk – Oh, My!

This year we announced several great partnerships, ending the year with an official announcement of our partnership with Splunk to release the Secret Server App for Splunk Enterprise. We’re proud of all of our new partnerships, and especially of our rapidly growing technology integration partner program. You can read more about the Splunk integration with Secret Server in our press release.

Come fly with me, let’s fly, let’s fly away.

We broke a personal record at Thycotic by sponsoring over 35 tradeshows across the world in 2013. We’ve presented dozens of keynotes, spotlight sessions, thought leadership interviews and spoke directly with thousands IT security and operations professionals in every major vertical about their security needs. Thanks to our dedicated team who worked round-the-clock to make those events a major success.

Release the kracken!

This year we’ve had several exciting releases to our products Secret Server, Password Reset Server and Group Management Server based on direct requests from our customers.

For Secret Server, some notable new features are: SAP support for natively changing passwords on SAP accounts; expanded API to increase automation in scripting; Custom Columns for a more tailored dashboard view; Website Password Changing to automatically change passwords for Windows LIVE, Google and Amazon accounts; SAML Support for increased security and single-sign on convenience; and Improved Discovery for Scheduled Tasks and Application Pools, now discoverable by Secret Server.

Other new product features are Active Directory Attribute Integration to let employees easily update their own AD information with Password Reset Server, and Group Renewal for Group Management Server to remind Active Directory group managers to double check their group membership from time to time.

So what’s next for 2014?

We think that 2014 will trump this year in success stories, growth, partnerships and products. We hope you join us every step of the way. Join us on LinkedIn and Twitter for the latest news in cybersecurity and be sure to stop by our booth at RSA 2014 in San Francisco as we kick off another thrilling year in IT security.  Also Thycotic is hiring, join the Thycotic team – read these great Thycotic reviews and see the latest Thycotic videos.





Don’t miss our monthly webinars!

5 11 2013

Every month, Thycotic hosts a webinar to explore new features, technical integrations and best practices. Last week we discussed a fairly new feature added to Secret Server version 8.3, which has expanded the list of web password changers. Secret Server can now change passwords on Windows Live, Google and Amazon accounts. This means you can now manage your Office 365, Google Apps and Amazon Web Services through Secret Server. These sites are just the beginning of web password changing for Secret Server. If you missed the live webinar, you can watch a recorded version here.

We have several upcoming webinars, including a feature deep-dive and tech integration case study.

Sign up now to get them on your calendar!

Learn how America First Increased Security through Authenticated QualysGuard Scanning with Secret Server

November 5, 2013 at 1:00 pm EST.

Do you have a full understanding of your network security, from both external and internal threats? Performing authenticated scanning for internal threats while keeping credentials locked-down on premises can greatly mitigate security risk. Find out how America First, a national credit union, implemented secure authenticated scans with Secret Server.

Register here for the Qualys Authenticated Scanning webinar

Thycotic Software Introduces- Password Reset Server

November 14, 2013 at 11:30 am EST.

Learn how Thycotic can help solve your end-user AD password rests. Password Reset Server is an AD self-service reset tool that helps reduce your help desk calls.

Register here for the Password Reset Server webinar

For the latest security news and Thycotic product updates, follow us on LinkedIn!





Secret Server iPhone app does not use keychain

15 03 2011

There have been some movies going around lately showing how to compromise an iPhone and reveal all the stored passwords in the Apple keychain in minutes.

David from our engineering team talks about how the Secret Server password app for iPhone is not susceptible to this type of attack because it uses its own files for encryption along with a randomly generated key that includes device specific information.

David talks about encryption on Secret Server iPhone app.




Sneak preview of the Secret Server app on Droid

7 07 2010

Here is a movie showing the basic proof of concept application working on the Android Phone simulator. It demonstrates authenticating to Secret Server, pulling down a list of Secrets. Then adding a Secret Server using the web browser and seeing it appear in the app.

This app should be available within 2-3 months.





Folders are coming to the Secret Server iPhone app

6 05 2010

Here are some sneek screenshots of the new folder capabilities in the iPhone password manager app:

iphone
iphone

This will allow you to browse folders for customers, teams, servers or different parts of your organization and easily find Secrets within those folders. You are also able to search by folder, create new folders and assign Secrets to folders.

iphone

We are also working on offline caching capabilities for the next iPhone app release. Stay posted – the new version will be out before the end of May 2010!





Secret Server comes to the BlackBerry

5 05 2010

Here are a few teaser screenshots of our new Secret Server Password Management BlackBerry app  that will be going into beta within the next two weeks. The initial beta will only support viewing of data (no adding or updating of Secrets) but the final release version will have adding/editing capability.

iphone
iphone

The Secret Server Password Management BlackBerry app will work with your existing Secret Server or can be used with our Online Edition (hosted version).

The team has copied the design of the iPhone app for the most part with some differences to fit better with the BlackBerry platform (such as a context menu to jump to different screens in the app). We are also exploring options for offline caching within both the BlackBerry app and the iPhone app – stay posted for more on this.

Please click here http://www.thycotic.com/beta.html if you are interested in joining our Beta program.

iphone
iphone





Bringing Enterprise Password Management to the iPhone

23 06 2009

iphoneWhile there are many iPhone password managers available for home and personal use, Secret Server Password Manager iPhone edition brings privileged password management to the IT professional. And it’s free! With an already-established password management platform, Secret Server iPhone provides the security and convenience needed for you to efficiently manage and track your organization’s most critical passwords from your phone and PC.

Here’s a look under the hood

The Secret Server Password Management iPhone app allows you to view, edit, and create Secrets for multiple accounts. You can also see which Secrets were recently accessed, add favorites, and lock the application with a pin code. If you lose your iPhone, you are still be able to access your Secrets from a computer because the application synchronizes with both Secret Server (installed) and Secret Server Online.

The applications that Apple delivers with the iPhone all share a consistent UI and provide an intuitive user experience, so we went to great lengths to emulate this in our application. For example, when you press a table cell and are brought to a new screen, you expect to see a button in the top left that returns you to the previous screen. You also expect certain animations and screen layouts in other familiar situations. One of the challenges of programming the Secret Server iPhone application was meeting these expectations while still providing a powerful web-based application.

iphone

What makes iPhone programming different from .NET programming is that you have to be more particular about performance and memory management. iPhones are far less powerful than servers, and large memory allocations should be avoided at all costs. For example, in our application the same memory block is used whenever a Secret is created or edited. This may make the code a little harder to read, but it provides a great boost in performance.

In conclusion, writing the iPhone application was a creative, challenging experience and introduced us to a new language, API, operating system, and way of thinking about code. I am very excited about the Secret Server Password Manager iPhone edition, and will be using it on my iPhone every day.

Have an iPhone? Sign up for the Secret Server Password Manager iPhone app Beta today!





Secret Server on the Treo 700

19 04 2008

image

Secret Server has supported a "Mobile Edition" for over a year now but it is always tricky making sure that it works correctly on all devices.

Our approach was to bake mobile support into the base product (ASP.NET based) so it simply scales down to the capability of the device.  That sounds simple but unfortunately it depends on making sure that functionality will work with all the limitations of various devices.

My own favorite BlackBerry 8820 does a reasonable job of helping me get to the password I need in emergencies but it is hardly a pleasant browsing experience.  In fairness, no browsing on the device is particularly pleasant since it is slow, struggles with most layouts and has a small screen.  That said, I love it dearly and browsing has never been a core requirement for me since email, contacts and calendar are definitely my most essential.

Today we had a customer ask about the Treo 700 so I tried out the emulator from the Palm website.  It seems to work fine with Secret Server and I was able to browse around and access passwords.

–Jonathan








Follow

Get every new post delivered to your Inbox.

Join 30 other followers