Scytale Delivers ‘Frictionless’ Service Authentication for Hybrid & Cloud-Native Enterprises

Scytale, a founding contributor to Cloud Native Computing Foundation, has launched a platform to deliver frictionless services authentication -- across containers, cloud and on-premise environments. Scytale Enterprise supports secure authentication for a range of cloud-native services.

by Brenda Fox

Tags: cloud, hybrid, identity, services authentication Scytale, SPIFFE,

Scytale, a founding contributor to Cloud Native Computing Foundation, has launched a platform designed to deliver frictionless services authentication across containers, cloud and on-premise environments.

Scytale Enterprise aims to support secure authentication for cloud-native services, according to Scytale CEO Sunil James. It was built to enable security engineering teams to standardize and accelerate service authentication across cloud, container-based, and on-premises platforms, James explained. Further, Scytale allows users to reduce application onboarding from weeks to minutes and accelerate cloud and container adoption without compromising existing security controls.

Scytale's solution is platform agnostic, fully automated, scalable, and based on open source CNCF’s SPIFFE and SPIRE projects.

SPIFFE (Secure Production Identity Framework for Everyone) is a set of open-source standards for securely identifying software systems in dynamic and heterogeneous environments. Pinterest and the open source Istio project for microservices management both use SPIFFE.

SPIRE (aka the SPIFFE Runtime Environment), is an open source SPIFFE implementation that allows organizations to enables organizations to provision, deploy, and manage SPIFFE identities throughout their heterogeneous production infrastructure.

Scytale’s genesis as a way to help companies address authentication for mounting complexity of hybrid, cloud and cloud-native projects is described on the Scytale blog.

As enterprise infrastructures become more distributed, hybrid and interconnected, security and infrastructure engineering teams struggle to authenticate services across platforms.

In order to support existing, time-consuming workflows that include various activities such as service ID creation, token rotation, ticket management, and approvals engineering teams end up waiting for disjointed Identity Providers (IdP) to be “glued” together.

In the end, enterprise security teams need an automated, flexible and consistent solution like Scytale Enterprise for authenticating services, regardless of which platform they run on.

Scytale Enterprise features provides many advantages:

Platform Agnostic: To securely authenticate application or software services across heterogeneous platforms including cloud, containers, and on-premises infrastructures.
Designed for Dynamic Environments: To easily manage identity in today’s cloud and containerized environments. Identities can be tied to individual services (instead of static hostnames). Further, Scytale Enterprise is automated to help scale authentication in highly elastic environments.
Central Overlay Service Directory: This provides a centralized directory for all service identities that unifies cloud, container, and on-premises identity providers. For each service ID, the directory stores mapping to multiple identity providers that enable seamless translation across heterogeneous platforms.
Policy Driven Lifecycle Management: To leverage multi-factor policies to eliminate hard-coded keys. This automates steps such as identity issuance, attestation, and certificate rotation according to these predefined multi-factor policies.
Comprehensive auditability: To obtain complete, granular insights into the lifecycle of a service’s identity in highly dynamic environments, including its associated policies and other details about the service itself.