NHI Forum
Read full details here: https://corsha.com/blog/corsha-adaptive-identity-for-machines/?source=nhimg
Corsha’s latest release, version 1.21, delivers a major step forward in machine identity management by introducing seamless integration with Microsoft Entra ID and expanding visibility, analytics, and governance across all API clients—whether internally managed or third-party. This update addresses one of the most pressing challenges in modern security: the explosive growth of unmanaged machine identities and the risks posed by over-permissioned secrets and static credentials.
Key Capabilities in Corsha v1.21
1. Microsoft Entra ID Machine Identity Import
- Import machine identities—including client secrets, certificates, and user principal names—directly from Microsoft Entra ID.
- Automatically monitor all App Registration secrets and certificates within Azure tenants.
- Maintain a single source of truth while gaining full discovery, visibility, and usage tracking for provisioned credentials.
2. Advanced Behavioral Analytics
- Detect credential reuse across multiple IP addresses and drill into per-IP traffic and request history.
- Identify and flag secret lifecycle violations, including:
  - Secret Age – Secrets active beyond security policy limits.
  - Excessive Validity Periods – Overly long-lived credentials increasing exposure.
  - Expired Secrets – Ensuring only active, valid credentials are in use.
3. Real-Time Observability and Gatekeeper Management
- Single-pane-of-glass dashboard to monitor all API requests and machine identity usage.
- Per-client, per-gatekeeper, and machine group request tracking.
- Dual Gatekeeper Mode for bidirectional API call authentication—adding MFA to outbound traffic and verifying inbound requests.
4. Agentless and Authenticator-Based Deployment
- Manage both authenticator-enabled and agentless machine clients.
- Apply adaptive authentication based on identifiable API client characteristics.
Security & Operational Benefits
- Discovery and Visibility: Real-time insight into all API calls and identity usage patterns to detect secret sharing or credential theft.
- Policy Enforcement: Block reused credentials, enforce lifecycle rules, and schedule access windows to align with least-privilege principles.
- Seamless Integration: Leverage existing Microsoft Entra ID infrastructure while extending governance to unmanaged and third-party API clients.
- Flexible Deployment: Available for both on-premises and cloud environments, with streamlined upgrade paths for current Corsha customers.
Strategic Impact
Corsha v1.21 strengthens the ability of security teams to govern machine identities at scale, combining identity provider integration, advanced analytics, and real-time traffic control into a unified platform. By closing visibility gaps and enforcing security policies across all API clients, organizations can mitigate credential abuse, reduce attack surfaces, and maintain compliance—without disrupting operations.