Odo Security unveils agentless, cloud-native platform that allows secure access management

Odo Security unveiled an agentless, cloud-native platform that allows IT and DevOps engineers to easily manage secure access to any application, server, database and environment located on-premises or in the cloud.

“According to our primary research, the chief inhibitor to the adoption of effective access controls is an inability to integrate solutions with essential IT investments,” noted Steve Brasen, research director with analyst firm Enterprise Management Associates. “Odo Security has developed an elegant approach that easily layers on top of existing infrastructure while providing users with a seamless and intuitive access experience.”

Unlike competing products that only support web access, Odo is unique in its ability to also support SSH, RDP and database access which is a game-changer for DevOps teams. In addition, OdoAccess provides full visibility into all user activity, can be set-up in less than three minutes and eliminates the administration burdens associated with VPNs.

“Controlling access to both production and development environments is a complex challenge,” said Eyal Sasson, CISO for Gett, a global ride-hailing app available in over 120 cities worldwide, including London, Moscow and New York. “We like the fact that Odo Security allows us to control access to and within each resource, like giving some users ‘write’ and others ‘read-only’ privileges. Odo also provides complete visibility into all activity and alerts on suspicious events so we can take action in real-time. We haven’t seen these types of capabilities from any other platform.”

Access management simplified

Odo’s zero trust architecture moves access decisions from the network perimeter to individual devices, users, and applications where business-driven security policies and access controls are best enforced. Every access attempt is treated as suspect until authenticated and authorized. Users only have access to those resources they have been authorized to see. In a single click, IT and DevOps engineers can ensure that the right people have access to the right resources at the right time, all while giving users frictionless access and maintaining total visibility on all user activity.

“IT and DevOps engineers need visibility into who is doing what and to spend their time building infrastructure, not managing access,” said Or Zilberman, CEO of Odo Security. “Odo eliminates time-consuming policy management and cumbersome maintenance associated with legacy access solutions like VPNs, while providing a full audit trail and a seamless experience for users.”

OdoAccess capabilities and benefits

Agentless Architecture – Easy deployment in under three minutes with optional certificates for host checking, full integration with SIEM and a SaaS-like user experience.

Centralized Control – Granular access control over and within each resource, based on the dynamic and contextual assessment of user attributes and device state. A rich set of rules can be enforced across all users, servers and enterprise data stores, including user commands and database queries. If a user is not authorized to access a resource, it’s invisible.

Control Over Third Party Access – Access to – and within – any application, server, database or environment can be easily compartmentalized and limited in both time and scope.

SSO for SSH – SSH keys are maintained in a central and secure location, eliminating manual management of static credentials and reducing the risk of lost or compromised keys. Instead of requiring every user to hold keys, Odo issues a temporary, personal key for access to authorized servers, which can be revoked at any time.

Database Access – Odo manages and monitors database access end-to-end, and provides granular control over permissions. For example, developers can be given “read only” rights to block their ability to write, drop or alter data.

Complete Visibility – Full audit trail of user activity including server access, executed commands and queried data, as well as fully recorded sessions. Alerts on suspicious activity allow administrators to block user actions in real time.