Xceedium

Xceedium, Inc., was a network security software company providing privileged identity and access management solutions which was subsequently acquired by CA Technologies. Their software is used to control and manage the risks that privileged users, privileged accounts (admin, root, etc.) and privileged credentials (passwords, certificates, digital keys, etc.) pose to systems and data.

History
Xceedium Inc., was founded in 2000 by David Van and David Cheung when the company split from Lucid Technologies Group, a company created in 1995. The company developed software for internal use that provided its consultants with secure remote access to sensitive customer systems. This software became the core technology for the Xceedium GateKeeper product. Xceedium's products were aimed at mid-large sized enterprises in vertical market segments including banking and financial services, retail, telecom, healthcare, energy and government agencies. They marketed their product through a global partner network.

Xceedium's headquarters was originally located in Jersey City, New Jersey until it relocated to Northern Virginia in March 2011. Initial funding for the venture-backed company came from ArrowPath Venture Partners and Nationwide Mutual Capital.

Xceedium was a private, venture capital backed company with funding from ArrowPath Venture Partners and Nationwide Mutual Capital. In June 2012, Xceedium closed a $12 million financing led by ArrowPath Venture Partners bringing the total capital raised to $25 million Xceedium was acquired by CA Technologies in August 2015.

Products
Xceedium Gatekeeper was the first product designed by the company, initially built with out-of-band and in-band KVM for remote IT control. The GateKeeper software was updated to provide network-based access control and session recording/playback. Later, GateKeeper and Cloakware Password Authority (a product acquired from Irdeto) were integrated to form Xceedium Xsuite.

The main capabilities of Xceedium Xsuite were: role-based access control, command filtering (white/black list), user containment (prevents SSH based leapfrogging or RDP hopping to unauthorized nodes), session monitoring/policy violation alerting, session recording and playback and privileged password vaulting and management. The Xceedium Xsuite platform enabled organizations to apply the principle of least privilege, which holds that systems and individuals should only be granted access to the resources and commands that are absolutely necessary for the required task. According to the company, Xsuite limited access for privileged users to the systems and commands for which they are explicitly authorized (Role-based access control). It also monitored the activities of privileged users and sent alerts when individuals attempted to violate a policy. The system recorded privileged user sessions such as telnet, RDP, SSH, and VNC and provided a mechanism to replay recorded session for investigations and forensics.

Xsuite Cloud for Amazon Web Services (AWS) was introduced as an extension to the Xsuite platform. It provided privileged identity and access management for standalone AWS implementations or hybrid architectures that can include infrastructure nodes (e.g., servers, network devices, storage devices, security systems) running on: AWS Amazon Elastic Compute Cloud (EC2), private clouds, as virtual machines or traditional single OS/hardware scenarios.

Following the acquisition of Xceedium by CA, Xceedium Xsuite was integrated into the CA product range as CA Privileged Access Manager.