Products
MAYI ID is the comprehensive solution that orchestrates your entire digital identity landscape, like an anthill would do. Indeed, our solution provides a structured and integrated approach to identity security
MAYI IAM
Identity and Access Management
Our MAYI IAM provides a secure entry point, able to manage users and memberships in real time . It takes care of the entire user identity lifecycle through our Directory Management, offering both modern and legacy Single Sign-On (SSO), governance, multi-factor authentication (MFA), and attributes such as Windows Hello for Business
Directory Management
Application Catalogue
Directory Services and Federation
Tenant Admin Console (TAC)
Self-Service
Emergency Access
Onboarding Process
Operational Console
Central Login Point
Identity Governance Administration (IGA)
Global Dashboard
Modern Single Sign-on (SSO):
Directory Management
Manages users, group of users, users’ group membership (privileges) for internal or external identity source, through approval procedures
Application Catalogue
Uniquely consents to define applications and propagation group through approval processes for both internal and external applications
Directory Services and Federation
Enables the use of an external identity provider (e.g. Azure) and delegates the authentication to Entra ID, allowing Azure identities to connect to MAYI ID
Tenant Admin Console (TAC)
Manages all tenant-related configurations
Self-Service
Provides all the functionalities for you as a user. It lets you manage independently tokens, personal documents, contact details, invitations, approvals, requests, and external plug-ins
Emergency Access
Provides access to the user cannot log ing. This happens through one-time passwords (OTP), via mobile phone or email address, and magic questions
Onboarding Process
Contact or other information is collected and authentication methods are registered to eventually onboard users on MAYI ID
Operational Console
Enables the ability to perform actions on behalf of another user. It allows to create, unenroll, and unlock admin groups, privileges, as well as managing lifecycle of such users
Central Login Point
Activates different authentication methods (or IDP) and provides a single access point for users to securely log in to applications
Identity Governance Administration (IGA)
Used to manage fully customized approval configurations and email templates and to set the approval level granularly
Global dashboard
Provides dashboards for different populations. Defines objects and creates shortcuts to different applications, approval processes, agent connections, and RDP connections
Modern Single Sign-on (SSO)
Users can access all the applications without any other needs to reauthenticate. Our Modern SSO uses protocols such as SAML and OpenID
MAYI PAM
Priviliged Access Management
Our PAM approach is characterized by offering products like connection manager agent, privileged access and identity management infrastructures, remote gateway, and session recording. It provides multi-layered security approach that protects against unauthorized access from both internal and external threats and ensures granular access controls
Vault
Secret Manager
Connection Manager
Legacy Single Sign-On (SSO)
Password Rotation
Password Reconciliation
Remote Gateway
Session Recording
Vault
Core of the MAYI PAM module. Here our secrets – sensitive information to be kept secure – are stored and created using customizable-field templates. Manages the permissions, audit log view, handles lifecycle of passwords, conducting regular checks to ensure password validity
Secret Manager
Flexibly organizes secrets in folders and subfolders, possibly following a hierarchical order and respecting role-based access control settings
Connection manager
Central place to define SSO to any type of application consuming a secret and store connections via the agent or injector
Legacy Single Sign (SSO)
MAYI PAM supports SSO for legacy authentication protocols. Moreover, it covers SSO to web applications via F5 injection of credentials
Password rotation
Through regular changes, new passwords, and history check, it enhances security and compliance
Password reconciliation
Resets automatically the password and do the reconciliation to make the re-alignment again. It streamlines password management, enhance security, and simplify user access within the organization
Remote Gateway
Provides a secure entry point for users to access critical systems. It establishes a connection from the secure gateway to internal resources via desired available protocol and is necessary for Session Recording
Session recording
Captures a video or creates a log that records the session taken during privileged sessions. It provides a detailed audit trail for compliance purposes and investigation in the event of a security incident or any suspicious activities
MAYI CLM
Certificate Lifecycle Management
MAYI CLM facilitates secure authentication while remaining agnostic to the underlying Public Key Infrastructure (PKI) provider, therefore, addressing both public and private Certificate Authorities (CA). It has been developed with meticulous expertise and does not require any technical knowledge of certificate management
Certificate Lifecycle Operations
Unified Certificate Management
Automation
PKI Agnosticism
Key Escrow
Scan Engine
Certificate Lifecycle Operations
Detects certificates validity, e.g. expiration date
Unified Certificate Management
Provides a centralized platform to manage all certificates and enables some unique functions (e.g. certificate take-over) coordinated by approval flows
Automation
Enables a complete transparent automation of the distribution to the target system as MAYI CLM supports multiple different automation protocols
PKI Agnosticism
Operates with different PKI providers, providing flexibility and preventing vendor dependency as it supports both public and private Certificate Authorities. Built-in IGA allows for customizable approval processes to be implemented
Key escrow
Puts and holds a private key in a vault to use it at any time on different devices, further reinforceable by a HSM
Scan Engine
Detects certificates validity, e.g. when they are expired, revoked, having certificate or (TLS) configuration issues
MAYI HILL
Administration Console
MAYI HILL is the heart of the solution which allows a multi-tenant architecture, enables access to different environments through role-based access control (RBAC). Within MAYI HILL, the groups, privileges, approval, and notifications are defined centrally for all modules (IAM, PAM, CLM)
Global Administration Console (GAC)
Tenant Admin Console (TAC)
Identity Governance Administration (IGA)
Central Login Point
Vault Encryption
Statdashboard
Multilingual Support
Global Administration Console (GAC)
Configures global settings for all the tenants and gets visibility of the setup cross-tenant. This enables the swift deployment of an entire tenant in a matter of hours rather than the usual days or weeks
Tenant Admin Console (TAC)
Manages the tenant’s affairs directly. This includes the ability for the administrator to set comprehensive policies, such as Identity Governance and Administration (IGA) rules, along with tailored parametrization
Identity Governance Administration (IGA)
Seamlessly integrated into the solution, IGA plays a vital role in tasks such as duty segregation, role management, auditing, and reporting. It allows configuration of key solution components, customizable email templates, application catalog setup as well as resource and role mapping flexibility
Central login point
Offers a centralized platform for logging in via various identity providers and consolidates authentication logs in one central location – streamlining user experience, saving time and enhancing security
Vault encryption
Stores sensitive data in an encrypted way converging within PAM, IAM, CLM, and external applications, this component elevates the level of security
Statdashboard
Generates comprehensive reports on various statistics, offering insights into product usage across features and licenses. This transparency is invaluable for understanding costs and expenses, aiding in effective budget planning
Multilingual support
Option to interact with, input, and receive information in various languages, improving users’ accessibility and usability
MAYI HSM
Hardware Security Module
The MAYI Hardware Security Module (HSM) enhances security through tamper-proof hardware, protection against key theft or misuse, reliable key generation and storage, and streamlined compliance with encryption standards.
Partition as a Service
Bring Your Own Key (BYOK)
Bring Your Own Encryption (BYOE)
Double Key Encryption
Backup of the HSM Partition
Partition as a Service
It creates distinct cryptographic domains with unique keys and access controls, allowing multiple tenants or applications to securely use a single HSM in the cloud. Ensures a fast transition to new partitions, which results in significant time and cost savings.
Bring Your Own Key
The encryption key is generated on the HSM and effortlessly imported into your chosen environment. The key ceremony, conducted with witnesses and thorough documentation, ensures stringent governance and uncompromised security.
Bring Your Own Encryption
Allows to own and independently manage the key within the HSM partition. In addition, empowers the user to instantly deactivate keys if necessary and implement custom encryption algorithms. This not only fortifies regualtory compliance, but also eliminates any provider lock in.
Double Key Encryption
By separating responsabilities one system focuses on data encryption and the other on key encryption. The combination between BYOK and BYOE methods ensures that the data remains protected and unbreached.
Backup of the HSM Partition
Carries out encrypted backups with multi-location redundancy, aiming at regulatory standards compliance and operations continuity. Enables seamless HSM key management, which maintains data accessibility and reduces administrative overhead.