Sneak Preview: HSM Data Encryption with SafeNet

16 11 2012

We’re working with SafeNet, an industry leader in data protection, to bring hardware data encryption to Secret Server. We’re adding support for SafeNet’s Hardware Security Modules, or HSMs.

SafeNet LUNA

Pictured: SafeNet LUNA PCI HSM

SafeNet’s Luna PCI HSM (pictured) is FIPS 140-2 Level 2 and 3 compliant, bringing a new level of data protection to your enterprise.

When Secret Server is configured to use SafeNet’s HSM, Secret Server will no longer store the encryption key on the server or perform the actual encryption and decryption. Instead, the encryption key is stored inside the device, and the device itself performs the encryption and decryption. Secret Server at no point is aware of the keys being used to encrypt or decrypt data. All the encryption and decryption stays in the hardware.

 

When an HSM is available, Secret Server will allow selecting the encryption key storage location during installation.

Installation HSM

SafeNet’s HSM also allows redundant configuration of two or more HSMs to ensure zero loss of data and Secret Server is always available.

We are pleased to be adding this capability to Secret Server and have enjoyed working with the smart folks over at SafeNet. The SafeNet HSM support will be available in the next release of Secret Server.


Comments : Leave a Comment »
Tags: , , ,
Categories : Secret Server, Security, Sneak Preview

Sneak Preview: Bookmarklet 2.0

7 11 2012

Our team is working to make logging in to websites easier than ever with new bookmarklet functionality.

The new bookmarklet is able to work on any web page, and automatically log you in. It is only required that the web page has a secret in the Secret Server, and that the user be logged in to Secret Server.

This will greatly improve the compatibility over the web launcher. Sites that implement client-side validation, such as a CAPTCHA, were not compatible. With the new bookmarklet, the username and password will be filled out in the webpage itself, allowing the user to fill out just the CAPTCHA.

Form Filler

Above is an example of the bookmarklet working with Gmail. The bookmarklet will be compatible with recent versions of all major browsers. There isn’t an exact release date at the moment, but expect the functionality soon.


Comments : 5 Comments »
Tags: , ,
Categories : Secret Server, Sneak Preview

Sneak Preview: Dashboard Enhancements

18 10 2012

The next release of Secret Server has a lot of new functionality, in addition several tweaks to the user interface. We can catch a of glimpse of that now with one of the improvements to Secret Server’s dashboard. The Dashboard’s Secret View widget will now dynamically expand to take up the full width of the screen if there are no widgets to the right of it.

Fullscreen

This was a popular request, and it will allow users to utilize more of their screen space to work more effectively. Widgets can still be to the right of the Secret widget, just the way Dashboard works today.

Resize

This will be available in the next release of Secret Server, 7.9 along with many other exciting features. Expect the release within the next week or two.


Comments : Leave a Comment »
Tags: , ,
Categories : Secret Server, Sneak Preview

Sneak Preview: Secret Server Launcher for Mac

11 09 2012

The Thycotic Dev Team is hard at work with new functionality for Mac!  While I don’t have all the details, I do have a few items I can share.  Currently, we’re looking at an “end-of-Q4 2012” release date.  This date may slip, but it’s accurate for now.

Details I can share:

  • The Launcher will support Safari, Firefox, and Google Chrome.
  • The underlying technology uses is a NPAPI plugin. A quick install of a plugin is all it takes to enable the launcher for Mac.
  • Will support SSH and a built-in SSH client will be used.
  • Will support Microsoft Remote Desktop provided the Mac Remote Desktop application is installed.  See Figure 1 for the screenshot of Remote Desktop.  Figure 2 shows the Launcher Helper application in Firefox.

Figure 1

Figure 2

Features due out after the initial release (available in later updates):

  • Custom Launchers will be available in a subsequent update.  Remote Desktop and SSH will be the only launchers supported initially.
  • Session Recording functionality will be available in a subsequent updates.

The Dev Team is interested in hearing your comments, please post your questions and thoughts below!


Comments : 2 Comments »
Tags: , , , , ,
Categories : Secret Server, Sneak Preview

Sneak Peak: Dashboard

17 02 2011

We will soon be releasing a new user interface as a replacement for the Home page, called “Dashboard”. Dashboard is a modern approach to displaying and managing data, one best described as an “interactive console” approach. Central to the idea of a “console” is the ability to drag and drop different components on the screen. Dashboard implements a widget based system which allows fluid customization of data, reports and the functionality shown. Dashboard will be part of the next release, 7.3.


Comments : Leave a Comment »
Tags: , , ,
Categories : Secret Server, Sneak Preview

Folders are coming to the Secret Server iPhone app

6 05 2010

Here are some sneek screenshots of the new folder capabilities in the iPhone password manager app:

iphone
iphone

This will allow you to browse folders for customers, teams, servers or different parts of your organization and easily find Secrets within those folders. You are also able to search by folder, create new folders and assign Secrets to folders.

iphone

We are also working on offline caching capabilities for the next iPhone app release. Stay posted – the new version will be out before the end of May 2010!


Comments : Leave a Comment »
Tags: , , , , , ,
Categories : Mobile, Secret Server, Sneak Preview

Sneak Peek – Secret Server 5.0 and Searching Fields

6 07 2008

Secret Server 5.0 is currently under development, and one of the features that we know for sure that will be in 5.0 is searching Secret Fields. This has been a popular request. We had several obstacles to achieve this, and we have implemented a solution that is secure but effective.

screenshotThe search works by Secret Server creating an index catalog for search terms for each and every secret. This runs as a background process. Secret Server will then start indexing all existing Secrets in your installation, and maintain indexes for secrets as they are changed.

The indexing service allows two different modes of indexing. The standard mode, which allows you to search on whole words. The Extended Indexing option allows searching on part of a word with a precision of 3 characters. For example, "sec" would make a field with the value of "Secret", as would "secre".

Stay tuned for more features coming in Secret Server 5.0!

– Kevin


Comments : Leave a Comment »
Tags: , ,
Categories : Secret Server, Sneak Preview

Secret Server 4.1 coming – visual keyboard

24 02 2008

Here is a new feature coming in Secret Server 4.1 – it is the visual keyboard and is a configurable option for the login screen. 

visualkeyboard

It is designed to thwart malware such as keyloggers which could be running on a public computer and could capture your password if you entered it using the keyboard.  The visual keyboard uses a different random alternate character set each time it is loaded – this means that when you click "a" it may type "3" in the password textbox – the garbled password is reconstituted on the server side when you login.  By using a garbled password then the HTTP POST back to the server if even further protected (and should be protected again by using SSL on your Secret Server installation).

Look for more sneak peeks soon as we approach the release date for Secret Server 4.1 which will be 3/14/2008 – specifically there will screenshots of the new role-based security and the launcher (launch Remote Desktop from Secret Server!).

–Jonathan


Comments : Leave a Comment »
Tags: ,
Categories : Secret Server, Sneak Preview

Remote Desktop – peek into the future …

13 12 2007

Here is a teaser trailer showing automatic opening of Remote Desktop from a secret in Secret Server.

 

Watch movie (Remote Desktop from Internet Explorer)

Watch movie (Remote Desktop from Firefox)

 

There are some technical difficulties in getting Remote Desktop to work like this since it encrypts the password in the .rdp file in a machine/user specific way.

This feature is unlikely to be ready for the Secret Server 4.0 release but should come in an update soon after.

–Jonathan


Comments : Leave a Comment »
Tags: , , , , ,
Categories : Secret Server, Sneak Preview


Follow

Get every new post delivered to your Inbox.