Portnox, a provider of passwordless, universal zero trust security solutions, has expanded its zero trust network access (ZTNA) solution, extending credential-free access beyond web and on-premises applications to include enterprise console-based applications. Organizations can eliminate passwords and credentials from administrative access via remote desktop protocol (RDP), secure shell (SSH), virtual network computing (VNC) and Teletype Network (Telnet), the company said.
The change removes the attack vector responsible for 80 percent of data breaches, officials said.
“As enterprises accelerate digital transformation to support hybrid work, cloud migration and AI adoption, every new initiative expands the attack surface faster than security teams can adapt,” the company said. “The problem with traditional approaches is that they attempt to secure vulnerable architectures instead of redesigning them for modern risk. Legacy VPNs grant broad network access. Credential vaults just manage passwords. Neither addresses the root cause.”
Portnox’s approach is to eliminate passwords and credentials entirely.
“When we launched Portnox ZTNA in July 2025, we proved that you don’t have to sacrifice speed or simplicity to achieve zero trust,” said Denny LeCompte, CEO of Portnox. “Our expansion into console-based applications shows what happens when you substantially reduce the attack surface. Portnox customers are removing passwords and replacing VPNs while improving the user experience across their application suite. That’s the promise of true zero trust: better security, increased productivity and ease of use.”
In addition to passwordless, certificate-based authentication, Portnox ZTNA offers continuous device posture monitoring and risk-adaptive policies, automated remediation of non-compliant endpoints before access is granted, and zero network impact deployment—no firewall changes, VPN clients or agent installations required, officials said.
The solution is also designed to provide a unified view of all authorized resources across applications and infrastructure, a single sign-on experience for enterprise applications (web, SaaS, on-premises, console-based), role-based and location-based access controls with real-time policy enforcement, and simplified endpoint management and automated security workflows.
Continuous zero trust verification includes identity verification through integration with enterprise IdPs (Okta, Azure AD, Google Workspace), device posture checks against organizational security policies, network and location context evaluation for every access request, risk scoring for adaptive security, and automatic access revocation when device posture or risk conditions change, the company said.
