Excalibur

Excalibur utilizes the mobile phone to act as a secure hardware token for any and all authentication and authorization needs inside of the enterprise. The ultimate goal is to move all forms of authentication and authorization away from passwords, replacing them seamlessly with smartphone-based strong but user friendly multi-factor authentication. Excalibur’s unique value is in providing backward compatibility with all the applications, Operating System (OS) and services the enterprise uses today creating a bridge between the password-based present day and password-free future.

Excalibur is not limited to OS login. Excalibur Privileged Access Management (PAM) provide sweb-based access to Enterprise resources – acting as a HTML5 to other protocols proxy server (Remote Desktop Protocol (RDP), SSH, Telnet, Virtual Network Computing (VNC) or even Browser access).

In Excalibur PAM - zero-trust means the client machine doesn’t need to be trusted as nothing is installed on it and all access from it goes via browser. The client machine doesn’t get access to the internal network so viruses, malware, ransomware etc. cannot spread.

As Excalibur is passwordless the user authentication is zero-trust too, the user has no way to delegate the access granted to him as access is tied to his smartphone (ownership factor), location factor (such as his branch office), knowledge factor (his Personal Identification Number (PIN) code) and ideally some form of biometry (HW on device biometric sensor).

Excalibur PAM considers all sessions “privileged” and by default recorded. That’s why we also tend to call it SAM - Streamed Access Management. Every action taken by the user is cryptographically signed to certify it was performed by the authenticated user. The effect of this is that there is continuous matching of every user action (as every user action and user PAM session is recorded and cryptographically signed) to strongly multi-factor authenticated identity.