A theme repeated in every customer conversation is – help me make sure my entire security stack is integrated. In some cases that “integration” means sharing data between different tools and in other it means driving actions across different tools based on events or triggers. In an effort to drive towards that goal, our latest release includes the following enhancements.
1. Enhancements to Logging
We have added an option to forward logs via syslog in addition to sending logs to Microsoft Sentinel. This further enhances the customer's ability to apply advanced analytics and integrate information with their SIEM.
Detailed access logs collected from users accessing resources in customers environments can now also be forwarded to internal or cloud-based syslog services. Appaegis Service Edge’s (SE) can be used to forward access logs to an internal syslog collector such as Splunk or other syslog services.
Appaegis logs are formatted in json format. Access logs for SSH, Web, and RDP access provide granularity that enriches SIEMs with visibility into Who accessed What resources and When the resources were accessed.
2. SSH security enhancements
There are three key improvements associated with SSH security in this release.
a. SSH onboarding flow improvements
We have added support for SSH applications to use user/team-based configuration. This further simplifies the onboarding of users that require key/cert-based access to SSH resources. Organizations can now use unique certificates per user to secure SSH resources.
b. SSH Profiles
Administrators can create SSH access profiles to manage multiple SSH keys, and associate users and teams to specific keys used to access servers. SSH Profiles greatly simplifies management of SSH access policies and allows administrators controls needed to maintain strict access.
The new UX design of the SSH profiles simplifies the auditing and reporting of who is using which keys to access what servers.
Existing session recording capabilities provide complete visibility of user activity. This also provides visibility and allows enforcement of policies to prevent data leakage by preventing users from downloading files and data in SSH sessions.
Click here to learn more about the capabilities of Appaegis Enterprise Access Browser. Or set up a call with our cybersecurity experts to learn more about how our customers are securing access to their cloud infrastructure and applications.