balasys-triangle-leftbalasys-triangle-left

Type your search criteria

see-behind
explore zorp
the number one multi-purpose proxy gateway
use case

identity manager

Take the risk out of enterprise identity and access management
Mitigate risk, secure data, meet uptime requirements and satisfy compliance by giving your users access to data and applications they need and nothing more. Now, Identity and Access Management (IAM) can be driven by business needs, not IT capabilities. With Identity Manager, you can unify security policies and meet governance needs – today and into the future.

Why do you need api securiy?

request price
use case

features

contact sales
granular protocol control
Full interpretation and validaton of 20+ network protocols
Connection handling on application layer
Control of protocol channels ( e.g. file transfer, port forward)
comprehensive encryption support
control of SSL / TLS-encrypted protocols
TLS 1.3 cryptography support
SSL and IPSec VPN
use case

use cases

contact sales
API breach prevention

Unauthorized user or bot access, data leaks, (D)DOS attacks, misuses and human errors have become real threats for companies operating API infrastructures. Protecting your organization from API breaches is the ultimate goal of the Zorp API Gateway. You can authenticate API-requestors, control API calls and inspect the traffic in detail. By encrypting the traffic, you can increase the security of the API communication further. Enforce a custom API security policy without affecting the business operations.

traffic analysis

Zorp API Gateway supports detailed and flexible logging. You can extract customized data from the API-traffic, those you can analyze from different perspectives. You can forward security relevant logs to the SIEM or SOC to improve your API security monitoring posture. The Zorp API Gateway also supports big data tools and data lakes (for example, Kibana, Elasticsearch or Kafka) as potential log destinations. You can send pre-filtered, quality data to these destinations for in-depth business analysis.

Regulatory compliance

PSD2 requires banks to secure the financial data flow via their public-facing APIs. GDPR indirectly requires anonymization or pseudo anonymization of personal data in transit.  The PCI DSS requires financial providers to encrypt transmission of cardholder data via public networks… All these regulations have one key requirement in common: they require regulated companies to protect customers’ data at rest and in transit, as well. The Zorp API Gateway helps streamline your compliance efforts through its comprehensive access control, encryption and audit capabilities.

Protecting legacy systems

The Zorp API Gateway can ensure compatibility with your legacy systems by modifying certain elements of the API traffic. This enables the possibility of hiding information about security risks and treating the vulnerabilities of your legacy applications. For example, you can remove the error messages, banners, or other information specific to the applications to hide faulty configuration or sensitive information about your back-end infrastructure. It can even force upgrade of legacy encryption protocols to the recent TLS version.

Special network security projects

Thanks to its extremely flexible, scriptable configuration you can meet specific security requirements with Zorp Gateway. Just a few examples:

• Data manipulation - modifying sensitive or risky elements of the traffic. For example, masking credit card data or hiding vulnerable server configuration.
• Graceful degradation of services during peak times by preferring transaction-closing events
• Implement your own protocol by using the AnyPy proxy and the power of Python

use case

features

download datasheet
Provisioning done right
Eliminate manual mistakes by automating provisioning to any system, platform or application either on-premises or in the cloud. Extend provisioning to enterprise applications such as Exchange Online, SharePoint and Oracle E-Business Suite.
Access done right
Enhance security by providing employees, contractors, partners, customers, students, alumni, constituents and patients with only the access they absolutely need – nothing more and nothing less.
Privilege governance
Achieve a unified governance approach for all employees, regardless of their role and level of access. Users can request, provision and attest to privileged and general user access.
Starling connect
Extend identity governance capabilities to the cloud and reduce time for onboarding new cloud applications.
Governance 360
Provide auditors with detailed, real-time governance reports that include information about what resources are in your environment, who has access to them and when, and why that access was granted and/or terminated.
Attestation dashboard
Schedule on-demand or routine attestation and display the status of group or distribution list in a clear, concise dashboard view. You can also produce detailed reports for discovery, as well as to support compliance.
password reset
Reset user account passwords and set user-policy preferences that mirror the organization’s password rules and requirements. Enables multiple password policies relevant to user roles.
self-service access portal
Save time and reduce IT effort via a customizable online ‘shopping cart’ portal. Enable users to request access to network resources, physical assets, groups and distribution lists and control access rights and permissions for their entire identity lifecycle, while using predefined approval processes and workflows.
multi - factor now
Enable two-factor authentication through Identity Manager with integrated deployment across enterprise applications and integrated with One Identity Starling Two-Factor Authentication (2FA).
SAP Certified
Provide certified deep SAP integration with fine-grained capabilities to enhance and even improve on existing SAP security models.

Benefits

Govern access to on-premises, cloud and hybrid resources from request through fulfillment for users and data

Put access decisions where it belongs – in the hands of the business

Reduce risk by ensuring users only have the access they need 

Eliminate information silos and make better security decisions by combining security information and policies from multiple sources 

Satisfy audit and compliance initiatives with attestation/recertification policies

Build on existing investments and infrastructure and grow from there

use case

iot security

IoT elements are exposed to be attacked permanently, so they need
solid security tools which can cut risks back to as little as possible.
In a world where everything joins networks, even networks too, you
need a tool to make these increased connections organized.
Button Text