Xceedium, Inc., was a
network security software company providing privileged identity and access management solutions which was subsequently acquired by
CA Technologies. Their software is used to control and manage the risks that privileged users, privileged accounts (admin, root, etc.) and privileged credentials (passwords, certificates, digital keys, etc.) pose to systems and data.
History
Xceedium Inc., was founded in 2000 by David Van and David Cheung when the company split from Lucid Technologies Group, a company created in 1995. The company developed software for internal use that provided its consultants with secure remote access to sensitive customer systems. This software became the core technology for the ''Xceedium GateKeeper'' product. Xceedium's products were aimed at mid-large sized enterprises in vertical market segments including
banking
A bank is a financial institution that accepts deposits from the public and creates a demand deposit while simultaneously making loans. Lending activities can be directly performed by the bank or indirectly through capital markets.
Because ...
and
financial services
Financial services are the Service (economics), economic services provided by the finance industry, which encompasses a broad range of businesses that manage money, including credit unions, banks, credit-card companies, insurance companies, acco ...
,
retail
Retail is the sale of goods and services to consumers, in contrast to wholesaling, which is sale to business or institutional customers. A retailer purchases goods in large quantities from manufacturers, directly or through a wholesaler, and t ...
,
telecom,
healthcare
Health care or healthcare is the improvement of health via the prevention, diagnosis, treatment, amelioration or cure of disease, illness, injury, and other physical and mental impairments in people. Health care is delivered by health profe ...
,
energy
In physics, energy (from Ancient Greek: ἐνέργεια, ''enérgeia'', “activity”) is the quantitative property that is transferred to a body or to a physical system, recognizable in the performance of work and in the form of heat a ...
and
government
A government is the system or group of people governing an organized community, generally a state.
In the case of its broad associative definition, government normally consists of legislature, executive, and judiciary. Government is a ...
agencies. They marketed their product through a global partner network.
Xceedium's headquarters was originally located in Jersey City, New Jersey until it relocated to Northern Virginia in March 2011. Initial funding for the venture-backed company came from ArrowPath Venture Partners and Nationwide Mutual Capital.
Xceedium was a private,
venture capital
Venture capital (often abbreviated as VC) is a form of private equity financing that is provided by venture capital firms or funds to startups, early-stage, and emerging companies that have been deemed to have high growth potential or which ha ...
backed company with funding from ArrowPath Venture Partners and Nationwide Mutual Capital. In June 2012, Xceedium closed a $12 million financing led by ArrowPath Venture Partners bringing the total capital raised to $25 million Xceedium was acquired by
CA Technologies in August 2015.
Products
''Xceedium Gatekeeper'' was the first product designed by the company, initially built with
out-of-band
Out-of-band activity is activity outside a defined telecommunications frequency band, or, metaphorically, outside of any primary communication channel. Protection from falsing is among its purposes.
Examples General usage
* Out-of-band agreement ...
and
in-band
In telecommunications, in-band signaling is the sending of control information within the same band or channel used for data such as voice or video. This is in contrast to out-of-band signaling which is sent over a different channel, or even ov ...
KVM for remote IT control. The ''GateKeeper'' software was updated to provide network-based access control and session recording/playback. Later, ''GateKeeper'' and ''Cloakware Password Authority'' (a product acquired from Irdeto) were integrated to form ''Xceedium Xsuite''.
The main capabilities of ''Xceedium Xsuite'' were: role-based access control, command filtering (white/black list), user containment (prevents SSH based leapfrogging or RDP hopping to unauthorized nodes), session monitoring/policy violation alerting, session recording and playback and privileged password vaulting and management. The ''Xceedium Xsuite'' platform enabled organizations to apply the
principle of least privilege
In information security, computer science, and other fields, the principle of least privilege (PoLP), also known as the principle of minimal privilege (PoMP) or the principle of least authority (PoLA), requires that in a particular abstraction la ...
, which holds that systems and individuals should only be granted access to the resources and commands that are absolutely necessary for the required task. According to the company, ''Xsuite'' limited access for privileged users to the systems and commands for which they are explicitly authorized (
Role-based access control). It also monitored the activities of privileged users and sent alerts when individuals attempted to violate a policy. The system recorded privileged user sessions such as
telnet
Telnet is an application protocol used on the Internet or local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. User data is interspersed in-band with Telnet control i ...
,
RDP,
SSH
The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.
SSH applications are based on a ...
, and
VNC
Virtual Network Computing (VNC) is a graphical desktop-sharing system that uses the Remote Frame Buffer protocol (RFB) to remotely control another computer. It transmits the keyboard and mouse input from one computer to another, relaying the g ...
and provided a mechanism to replay recorded session for investigations and forensics.
''Xsuite Cloud for
Amazon Web Services (AWS)'' was introduced as an extension to the ''Xsuite'' platform. It provided privileged identity and access management for standalone AWS implementations or hybrid architectures that can include infrastructure nodes (e.g., servers, network devices, storage devices, security systems) running on: AWS
Amazon Elastic Compute Cloud (EC2), private clouds, as virtual machines or traditional single OS/hardware scenarios
Following the acquisition of Xceedium by CA, ''Xceedium Xsuite'' was integrated into the CA product range as ''CA Privileged Access Manager''.
References
{{Reflist
Defunct computer companies of the United States
CA Technologies
Computer security software
Companies established in 2000
Companies disestablished in 2015
2015 mergers and acquisitions