Contact Us

EZGIT Overview

Request Demo

The First SSH CA for GitHub

In recent years, hackers have realized that GitHub repositories are a great way into a company. Allows them to scan the code for vulnerabilities or even push their own back doors without teams noticing. These high privilege actions are usually protected by a simple password or an SSH key that does not expire and is sitting unprotected on your developer’s workstation. EZGIT is the first SSH CA for GitHub repositories. EZGIT leverages your secure corporate Identity (Azure AD or Okta) to authenticate the user into the service and issues a short-term certificate to give the user Just in Time (JIT) access to your repositories. No more keys in engineers desktops waiting to be stolen by bad actors!

User Experience

Manage your GitHub access with just in time SSH Access

Access Control

EZGIT uses Okta or Azure AD as the identity provider, allowing you to use your Identity Provider Conditional Access policies to prevent and detect malicious login to your most important resource, your code. All these extra security measures come at no extra churn for your users. The user uses the SSO workflow they are used to and EZGIT issue the short-term certificate in the background.

Deploy Zero-Trust SSH authentication in seconds with our Azure Marketplace offering

Deploy in Seconds

EZGIT can be easily deployed! All you need to do is register the application in your Azure tenant and sign up for EZGIT. If your GitHub users do not map to your aliases, EZGIT will automatically map the correct GitHub user to their username.

Reduce Engineering onboarding time by removing SSH Keys

Reduce Onboarding Time

Save hours of engineering productivity by no longer having developers register their SSH Keys in GitHub by switching to EZGIT. EZGIT uses your secure developer identity to authenticate your developers and issue a short-lived certificate. Reducing onboarding time, while also protecting the user key from being stolen due to mismanagement of the private key.

Stop using never expiring SSH Keys and change to short term SSH Certificates

No More SSH Key Management

Following SSH Keys best practices is hard and failing to do it have caused many companies to have their source code compromised. Are your engineers keeping their SSH keys safe? Are they password protected? Have their shared/emailed/committed their private key by mistake? EZGIT removes all that complexity by hiding all the key management form the user and issuing time bound certificates.

Enhance your GitHub Security without compromising on user experience

Works With Most Git Clients

EZGIT adds the short-term certificates to the computer’s SSH agent, which is the credential manager used by most git clients. This enables transparent security to your users; all the user has to do is run “ezssh git" in their terminal and use their preferred git client tool.

Audit your SSH access and enable true passwordless authentication

Easy to Audit Access

All access requests are logged and can be easily exported for your security team to analyze and to easily comply with compliance audits.

Infrastructure Security

All Keytos infrastructure is fully passwordless

Passwordless Infrastructure

All of infrastructure authenticates between micro-services with passwordless technology. Protecting us from credential theft.

Every EZGIT policy is backed by a FIPS HSM

Secure HSM

CA keys are created for each policy and never leave the FIPS 140-2 Hardware Security Modules.

Bring your Own HSM and retain ownership of your cryptographic material

Bring Your Own CA

Control your CA keys and give EZGIT access to sign certificates. Contact us to learn more about this option.

Secure Your GitHub Repositories in Minutes

Get a Free Identity Assessment

Talk to one of identity experts on how EZGIT can reduce onboarding time, while protecting your code. Schedule Free Assessment