Security Built on a Solid Zero Trust Foundation
Device trust is the foundation of Zero Trust
Device identity binds users to devices with cryptography, providing invisible multi-factor authentication (MFA)
Device identity is very important to your security posture. Organizations should have rules for managed and unmanaged devices. Some organizations do not allow unmanaged devices.
Devices that are managed or corporate-issued may be treated differently than BYOD or unregistered devices. Typically, these devices have more security-enabling applications installed and can be controlled by corporate tools such as UEMs.
Some organizations may allow unmanaged/unregistered devices, especially for a specific set of users like consultants accessing a limited number of low-risk applications.
Device posture reduces risk of malware spread
The Banyan app ensures that the proper applications and settings are configured on end devices to ensure that malware detection is happening, and the spread is prevented.
To further enhance this functionality, integrating with the rest of your security stack is possible. For example, we can integrate with your EDR to reduce or completely cut off access when a device is compromised.
Clientless device trust via API integration with UEM/EDR for easy deployment
Trust scoring uses information collected by the Banyan app from end user devices. This can be further enhanced by getting information on what’s happening on the device from your existing EDR.
Integrations with vendors like CrowdStrike and SentinelOne are achieved through APIs.
More info on Trust Integrations ⇢
Banyan APIs are accessible using a simple Python API client and command-line utility which is available on GitHub.
Comprehensive visibility
Correlated user, device, security posture, and app activity
Dashboards provide a quick overview of users, devices, security postures, and app activity. A Sankey diagram correlates users, their devices, and the resources they access for easy interpretation.
Rich detail is accessible by clicking on the dashboard widgets or going to the logging section.
Advanced filtering is available to narrow down the information you’re looking for.
Logs can be exported to archive or for use by other tools.
Inclusive visibility regardless of user or resource location
See who is using Banyan and Banyan-protected resources, regardless of authentication method
Get a view of what devices workers are using
Gain insight into which resources users access
Widgets show top resources accessed and blocked attempts to help you better understand end user behavior
Easy to interpret dashboards, human-readable policy
Create simple, human-readable policies without having to write code or learn complex syntax. Policies include who, using what specific devices, can access which resource.
Integration with security stack
Leverage MDM/UEM for zero-touch installs
Deploying the Banyan app can be done easily leveraging your existing investment in MDM/UEM.
With Zero Touch install, the following steps are automated:
Creating an mdm-config.json file that specifies app functionality
Downloading the latest Banyan app version and installing it (you can also optionally specify an exact app version)
Staging the app with the device certificate that contains user information
Starting the app as the logged-in user
Use Endpoint Detection and Response (EDR) device telemetry data in trust scoring
Trust scoring involves information that the Banyan app collects from end user devices. This can be further enhanced by getting information on what’s happening on the device from your existing EDR.
Integrate with vendors such as CrowdStrike and SentinelOne through APIs.
Banyan APIs permit both automation and data access for use in downstream solutions like SIEM
Automate repetitive tasks from initial deployment to configuration updates, along with monitoring.
Export logs and other information to external systems such as syslog and SIEM.
Leverage Banyan APIs using a simple Python API client and command-line utility available on GitHub.