Products

MAYI ID is the comprehensive solution that orchestrates your entire digital identity landscape, the way an anthill would. Our solution provides a structured and integrated approach to identity security.


MAYI IAM

Identity and Access Management

Our MAYI IAM provides a secure entry point, able to manage users and memberships in real time. It takes care of the entire user identity lifecycle through our Directory Management, offering both modern and legacy Single Sign-On (SSO), governance, multi-factor authentication (MFA), and attributes such as Windows Hello for Business.

Directory Management

Manages users and their group memberships across internal and external identity sources. This feature includes customizable approval processes, ensuring seamless handling of user and rights lifecycles, regardless of the identity provider.

Application Catalogue

Ensures token integrity with tailored access control. It uniquely defines user-specific application rights, enabling precise group propagation through approval processes for seamless application management.

External IDP Integration

External Identities

Log in effortlessly using your external identity provider, including Azure. Authentication is delegated to Microsoft Entra ID, allowing Azure identities to securely access MAYI ID without extra credentials, streamlining authentication and security.

Single Sign-on (SSO)

Provides access to all applications through modern SSO protocols such as SAML and OpenID. The MAYI PAM portion also enables SSO for legacy systems via credential injection at the gateway level, supporting various protocols and devices, including desktop agents for Windows and Linux.

Self Service

Provides all the functionality you need as a user. Lets you independently handle tokens, personal documents, contacts, invitations, approvals, and requests – all from one place. Enables seamless control over onboarding and external integrations.

Emergency Access

Gives the user access when login fails by providing temporary authentication through one-time passwords (OTP) via mobile or email, or through magic questions.

Onboarding Process

Collects contact information and registers authentication methods efficiently through tailored processes, ensuring smooth user enrollment. Smart design handles interruptions seamlessly, making onboarding faster and more reliable.

Operational Console

Allows actions to be performed on behalf of users. Designated users can create, delete, unenroll, and unlock user accounts and admin groups, manage privileges, and oversee the user lifecycle. Includes options for helpdesk and contextual audit logs for secure operations.

Identity Governance Administration (IGA)

Manages fully customized approval configurations, email templates for specific actions, workflows, and onboarding, and sets approval levels with granularity. Lets you define templates for users, groups, roles, and privileges – establishing a comprehensive governance framework.

Global Dashboard

Versatile dashboard tailored to different populations. Defines objects and creates shortcuts to applications, approvals, secrets, and both agent and RDP connections. Supports multiple user groups with customized views and simplifies workflows.

MAYI PAM

Privileged Access Management

Our PAM approach is characterized by offering products like a connection manager agent, privileged access and identity management infrastructures, a remote gateway, and session recording. It provides a multi-layered security approach that protects against unauthorized access from both internal and external threats and ensures granular access controls.

Vault

Core of the MAYI PAM module. Here, secrets – sensitive information to be kept secure – are stored and created using customizable-field templates. Manages permissions and the audit log view, and handles the lifecycle of passwords, conducting regular checks to ensure password validity.

Secret Manager

Flexibly organizes secrets in folders and subfolders, possibly following a hierarchical order and respecting role-based access control settings

Connection Manager

Central place to define SSO for any type of application that consumes a secret and to store connections via the agent or injector.

Password Policies, Reconciliation and Rotation

Password management and security

MAYI PAM automates password resets, enforces complexity rules, length requirements, and expiration schedules, and ensures seamless synchronization across Active Directory, databases, and network devices. It dynamically generates strong passwords, prevents reuse, and performs real-time reconciliation to maintain security and compliance. With detailed history tracking and automated rotation, it minimizes credential misuse and simplifies access management.

Remote Gateway

Provides a secure entry point for users to access critical systems. It establishes a connection from the secure gateway to internal resources via the desired available protocol and is necessary for Session Recording.

Session Recording

Captures a video or creates a log of the activity during privileged sessions. It provides a detailed audit trail for compliance purposes and for investigation in the event of a security incident or any suspicious activity.

Legacy Single Sign-On (SSO)

MAYI PAM supports SSO for legacy authentication protocols. Moreover, it covers SSO to web applications via F5 injection of credentials

MAYI CLM

Certificate Lifecycle Management

MAYI CLM facilitates secure authentication while remaining agnostic to the underlying Public Key Infrastructure (PKI) provider, thereby addressing both public and private Certificate Authorities (CA). It has been developed with meticulous expertise and does not require any technical knowledge of certificate management.

Certificate Lifecycle Operations

Detects certificate validity, e.g. expiration date.

Unified Certificate Management

Provides a centralized platform to manage all certificates and enables some unique functions (e.g. certificate take-over) coordinated by approval flows

Automation

Enables completely transparent automation of distribution to the target system, as MAYI CLM supports multiple different automation protocols.

PKI Agnosticism

Operates with different PKI providers, providing flexibility and preventing vendor dependency as it supports both public and private Certificate Authorities. Built-in IGA allows for customizable approval processes to be implemented

Key Escrow

Places and holds a private key in a vault so that it can be used at any time on different devices; this can be further reinforced by an HSM.

Scan Engine

Detects certificate validity, e.g. when certificates are expired or revoked, or have certificate or (TLS) configuration issues.

MAYI HILL

Administrative Console

MAYI HILL is the heart of the solution: it allows a multi-tenant architecture and enables access to different environments through role-based access control (RBAC). Within MAYI HILL, the groups, privileges, approvals, and notifications are defined centrally for all modules (IAM, PAM, CLM).

Global Administration Console (GAC)

Configures global settings for all the tenants and provides visibility of the setup across tenants. This enables the swift deployment of an entire tenant in a matter of hours rather than the usual days or weeks.

Tenant Admin Console (TAC)

Manages the tenant’s affairs directly. This includes the ability for the administrator to set comprehensive policies, such as Identity Governance and Administration (IGA) rules, along with tailored parametrization

Identity Governance Administration (IGA)

Seamlessly integrated into the solution, IGA plays a vital role in tasks such as duty segregation, role management, auditing, and reporting. It allows configuration of key solution components, customizable email templates, application catalog setup as well as resource and role mapping flexibility

Central Login Point

Offers a centralized platform for logging in via various identity providers and consolidates authentication logs in one central location – streamlining user experience, saving time and enhancing security

Vault Encryption

Stores sensitive data in encrypted form. Converging across PAM, IAM, CLM, and external applications, this component elevates the level of security.

Statdashboard

Generates comprehensive reports on various statistics, offering insights into product usage across features and licenses. This transparency is invaluable for understanding costs and expenses, aiding in effective budget planning

Multilingual Support

Option to interact with, input, and receive information in various languages, improving users’ accessibility and usability

MAYI HSM

Hardware Security Module

The MAYI Hardware Security Module (HSM) enhances security through tamper-proof hardware, protection against key theft or misuse, reliable key generation and storage, and streamlined compliance with encryption standards.

Partition as a Service

It creates distinct cryptographic domains with unique keys and access controls, allowing multiple tenants or applications to securely use a single HSM in the cloud. Ensures a fast transition to new partitions, which results in significant time and cost savings.

Bring Your Own Key (BYOK)

The encryption key is generated on the HSM and effortlessly imported into your chosen environment. The key ceremony, conducted with witnesses and thorough documentation, ensures stringent governance and uncompromised security.

Bring Your Own Encryption (BYOE)

Lets you own and independently manage the key within the HSM partition. In addition, it empowers the user to instantly deactivate keys if necessary and implement custom encryption algorithms. This not only fortifies regulatory compliance, but also eliminates any provider lock-in.

Double Key Encryption

By separating responsibilities, one system focuses on data encryption and the other on key encryption. The combination of the BYOK and BYOE methods ensures that the data remains protected and unbreached.

Backup of the HSM Partition

Carries out encrypted backups with multi-location redundancy, aiming at regulatory standards compliance and operations continuity. Enables seamless HSM key management, which maintains data accessibility and reduces administrative overhead.