Re-imaginging the future of AuthN and AuthZ
AuthNull was developed in response to a customer’s requirement to eliminate passwords and SSH keys. Our primary objective was to intercept various protocols and authentication methods, implementing a security measure through obscurity by removing passwords and SSH keys.
Modern infrastructure often struggles with the challenges posed by passwords and SSH keys. These credentials need to be regularly changed, redistributed, and sometimes stored in order to ensure smooth operations. AuthNull was meticulously designed to eradicate the reliance on passwords and SSH keys whenever possible or relegate them to a secondary role.
Today, AuthNull offers a comprehensive privileged access management solution that enables passwordless access to server infrastructure, whether it’s virtual machines, database servers, or Kubernetes (K8s) infrastructure. While we take pride in achieving our initial objectives and acquiring satisfied customers, we acknowledge that our journey is far from over.
While initially focused on solving the issue of passwordless authentication for remote servers and databases, AuthNull is evolving into something much grander. We envision a future where most remote infrastructure, including networks and storage systems, can be accessed without passwords. In this vision, users won’t need to remember credentials, and authentication will be fully decentralized. Passwordless authentication is a significant component of this puzzle, but our product roadmap extends beyond that.
We are actively progressing towards becoming a comprehensive and dynamic authorization system, incorporating AI capabilities to determine the most suitable permissions for users, thereby reducing risks associated with access control.
The problem with Authorization today that we are trying to solve
It is no secret that the operational burden of authentication and authorization systems is very heavy, and inversely proportional to granularity of permissions. Fine grained permissions require the highest operational burden., whereas course grained systems require lower operational burden.
AuthNull aims to solve this people intensive systems with a next AI powered AuthN and AuthZ solution.
The future of AuthN and AuthZ powered by AI
We envision a future where AuthNull is the centre of dynamic AuthN and AuthZ within your enterprise. Dynamic authentication factors are determined by application and AI based on the risk users carry. Permissions that are delivered to the user are also determined by AI, segmented by similar users and the risk that each individual user carries. Permissions are automatically degraded when risk level on each individual persona increases. User can query the helpdesk powered by AI directly on risk assessment and permissions degradation on specific app without having to create help desk tickets. At the same time, new users can be automatically issued baseline permissions, based on segments of similar users and based on the risk of a given user persona.
We see AI being central in reducing the IT workload in managing identities, authentication and authorization and see AuthNull leading from the front on these initiatives.
Excited? Subscribe to our blog to learn more.
