Scytale Delivers ‘Frictionless’ Service Authentication for Hybrid & Cloud-Native Enterprises

Scytale, a founding contributor to the Cloud Native Computing Foundation, has launched a platform to deliver frictionless services authentication across containers, cloud and on-premise environments. Scytale Enterprise supports secure authentication for a range of cloud-native services.


Scytale, a founding contributor to the Cloud Native Computing Foundation, has launched a platform designed to deliver frictionless services authentication across containers, cloud and on-premise environments.


Scytale Enterprise aims to support secure authentication for cloud-native services, according to Scytale CEO Sunil James. It was built to enable security engineering teams to standardize and accelerate service authentication across cloud, container-based, and on-premises platforms, James explained. Further, Scytale allows users to reduce application onboarding from weeks to minutes and accelerate cloud and container adoption without compromising existing security controls.


Scytale's solution is platform agnostic, fully automated, scalable, and based on the CNCF's open source SPIFFE and SPIRE projects.


SPIFFE (Secure Production Identity Framework for Everyone) is a set of open-source standards for securely identifying software systems in dynamic and heterogeneous environments. Pinterest and the open source Istio project for microservices management both use SPIFFE.


SPIRE (aka the SPIFFE Runtime Environment) is an open source SPIFFE implementation that enables organizations to provision, deploy, and manage SPIFFE identities throughout their heterogeneous production infrastructure.


Scytale’s genesis as a way to help companies address authentication amid the mounting complexity of hybrid, cloud and cloud-native projects is described on the Scytale blog.

As enterprise infrastructures become more distributed, hybrid and interconnected, security and infrastructure engineering teams struggle to authenticate services across platforms.

To support existing, time-consuming workflows that include activities such as service ID creation, token rotation, ticket management, and approvals, engineering teams end up waiting for disjointed Identity Providers (IdP) to be “glued” together.

In the end, enterprise security teams need an automated, flexible and consistent solution like Scytale Enterprise for authenticating services, regardless of which platform they run on.

Scytale Enterprise provides many advantages:

  • Platform Agnostic: To securely authenticate application or software services across heterogeneous platforms including cloud, containers, and on-premises infrastructures.
  • Designed for Dynamic Environments: To easily manage identity in today’s cloud and containerized environments. Identities can be tied to individual services (instead of static hostnames). Further, Scytale Enterprise is automated to help scale authentication in highly elastic environments.
  • Central Overlay Service Directory: This provides a centralized directory for all service identities that unifies cloud, container, and on-premises identity providers. For each service ID, the directory stores mappings to multiple identity providers that enable seamless translation across heterogeneous platforms.
  • Policy Driven Lifecycle Management: To leverage multi-factor policies to eliminate hard-coded keys. This automates steps such as identity issuance, attestation, and certificate rotation according to these predefined multi-factor policies.
  • Comprehensive auditability: To obtain complete, granular insights into the lifecycle of a service’s identity in highly dynamic environments, including its associated policies and other details about the service itself.

EMA Notes Scytale Advantages of Unified Access Control to Services

One analyst said Scytale’s approach is valuable as it delivers a “flexible yet consistent” solution for authenticating services, regardless of which platform they run on. Steve Brasen, research director with EMA (Enterprise Management Associates), said in a statement, “According to our [EMA] research, the need to unify access controls across cloud and on-premises infrastructure is the most significant challenge organizations face today with responsibly delivering business services.”


Brasen went on to note some of Scytale’s more attractive aspects. “Scytale’s approach is particularly exciting for its focus on unifying access controls to services across complex, hybrid IT ecosystems. By consolidating authentication practices for all services, organizations will greatly simplify IT service orchestration as they transition to cloud environments while achieving security assurance,” he added.


CEO James detailed Scytale’s research and development efforts: “For two years, Scytale has worked diligently with a varied group of enterprises who are at different points along their journey to the hybrid cloud. Shepherding the SPIFFE and SPIRE open-source projects was Scytale’s first step toward helping expedite that journey. Scytale Enterprise is the second step -- empowering our Fortune 1000 customers to easily and rapidly extend their existing on-premise service authentication frameworks to their burgeoning public cloud infrastructure.”