Multi-Cloud Identity Control Plane

Distributed identity. Unified policy.

How do you maintain distributed identity and get unified management?

Strata’s Maverics Identity Orchestrator™ is an identity control plane that manages consistent user identity and access policies for apps deployed across multiple cloud platforms. It’s also an abstraction layer integrated with the multiple identity infrastructure systems and cloud platforms you use.

Maverics Identity Orchestrator also integrates with identity systems from our partners Microsoft Azure AD, Okta, AWS Identity, and GCP Cloud Identity.

Maverics is not another SSO, directory, or authentication solution, but a new class of distributed identity for your distributed computing.

Challenges with distributed multi-cloud identity

  • Each cloud has varying identity capabilities, making consistent management of user access policies virtually impossible.
  • Manual efforts to manage large numbers of policies can lead to drift and unintentional access exposure.
  • IAM and authentication systems each have multiple and complex APIs requiring custom coding and maintenance.
  • Applications that don’t support SAML or OIDC require rewriting to migrate them to the cloud and onto a modern identity platform.

Powering distributed multi-cloud with identity orchestration

Strata’s Maverics platform is the first Identity Orchestration software purpose-built for the multi-cloud enterprise. Maverics works as both an abstraction layer and an identity control plane, allowing organizations to run apps on whatever cloud and identity system desired.

Well connected, seamlessly integrated

Maverics’ powerful abstraction layer has native support for standards like SAML, OIDC, SCIM, REST, and LDAP. Integration is built-in with Maverics Connectors™ available for Azure AD, Okta, SiteMinder, OAM, Ping, Salesforce, PlainID, ForgeRock, and others. There’s no need to learn or manage multiple APIs from different vendors, which means no custom integration code to maintain. Use the Maverics Connector Catalog™ and get out of the identity integration business for good.


Infinite Flexibility with Dynamic Call Outs Simplicity

Maverics Identity Orchestration supports sophisticated identity flows across multiple runtime systems such as authentication, multi-factor authentication, authorization, gathering identity attributes, retrieving threat scores, and performing device verification. Maverics Service Extensions™ allow you to call out at runtime to any system using JavaScript or pre-compiled Go code for virtually unlimited runtime flexibility.

Meeting the Declarative Imperative for Identity Infrastructure as Code

Maverics uses a revolutionary declarative policy model to define identity flows and sessions. If you are familiar with Kubernetes then you’ll pick up Maverics YAML quickly. Simply declare what you want to happen and Maverics identity orchestration makes it happen. Also, Maverics plays nicely with your IaaS DevOps tool stack, making it easy to automate.

One Meta Policy to Rule Them All

Maverics can enforce a global access policy at scale across multiple distributed clouds. This universal policy can enforce granular rules like geo-fencing, time-of-day/day-of-week login restrictions, and access based on risk scoring or device verification. Maverics policies bring feature parity between different identity vendors and technologies, meaning you don’t have to compromise security for any of your apps.

Business Impact

integration cost

sunsetting of legacy

Eases transition
between cloud platforms

Reduces risk
from policy drift

Securely run and manage apps and identities across multi-cloud and hybrid infrastructures.

See the Identity Fabric in Action today.

How the Multi-Cloud Identity Control Plane Works

Maverics identity infrastructure software works as an abstraction layer that decouples apps from identity. It natively integrates with all the cloud platforms, cloud identity systems, and on-premises identity and app infrastructures. Maverics gets away from manual integration efforts, enabling you to move apps wherever you want and mix and match the identity systems desired.