EZGIT uses SSH Certificates to create short-term access keys signed by our HSM backed Certificate Authority (CA) that will grant just in time access to your GitHub while creating an audit log that can be traceable back to the user and their actions.
Each policy inside each customer’s account will get their own HSM backed Certificate Authority, creating an identity perimeter limited to your own access policy. We also offer a bring your own CA option where we you can bring your own Azure Key Vault give EZGIT create, and sign permissions and you are in control of your private key and how they are used.
Save hours of engineering productivity by no longer having developers register their SSH Keys in GitHub by switching to EZGIT. With EZGIT GitHub Single Sign-On we use your secure developer identity to authenticate your developers and issue a short-lived certificate. Reducing onboarding time, while also protecting the user key from being stolen due to mismanagement of the private key.
Following SSH Keys best practices is hard and failing to do it have caused many companies to have their source code compromised. Are your engineers keeping their SSH keys safe? Are they password protected? Have their shared/emailed/committed their private key by mistake? EZSSH removes all that complexity by hiding all the key management form the user and issuing time bound certificates.
EZGIT adds the short-term certificates to the computer’s SSH agent, which is the credential manager used by most git clients. This enables transparent security to your users; all the user has to do is run “ezssh git" in their terminal and use their preferred git client tool.
While using a short-term certificate sounds like a lot of work for a user each time they want to login. The user is not aware of all of this going on in the background. The user simply types the command, a browser pops up, they login with their corporate identity and we do all the magic in the backend, the only thing the user knows is they got a secure way to connect to GitHub and they no longer need to manage SSH keys.
All access requests are logged and can be easily exported for your security team to analyze and to easily comply with compliance audits.