Pass-the-Hash (PtH) attacks against the Windows operating systems are becoming common. Microsoft wants organizations to assume that a breach has already occurred in order to highlight the need for a more mature defense. In most organizations, the Local Administrator Password is shared amongst many administrators and is a small set of static strings. This raises major security concerns specially when it comes to Pass-the-Hash attacks.

With Synergix Secrets Vault ( Seva ) installed, Local Administrator Password is system generated and stored in private key vault, in encrypted format. Passwords are validated regularly and reset to maintain the integrity. The password vault is infallible to the extent of Azure Resources. Only designated administrators are allowed to retrieve and decrypt the password strings.
 
Seva supports Windows, Unix and Mac that are Azure AD joined, On Premises AD joined, Workgroup joined or in any other hosted environments, including Amazon, Google, etc.
Encryption

Administrator Password is encrypted using unique encryption key

Unique Password

Local Administrator Password is unique and varies in length from 16 to 48 characters

No Schema Changes

No Schema Changes are required as passwords are stored in the vault.

Delegation

Leverages delegation in Azure AD to manage access to the vault

Open API

API help integrate third party applications like serviceNow

Business Justification

Requestor is required to type business justification before opening the password valut

Least Privileges

Workflow is built following the principle of least privileges

Password Masking

By default, password is masked, when first retrieved.

Auditing

Integrated Audit Logs

Instrumentation

Computer properties, from various WMI claases, are stored in a database.

SEVA

This website uses cookies to ensure you get the best experience on our website.