Visual Guard Application Security Features

Visual Guard is a modular solution covering most application security requirements, from application-level security systems to Corporate Identity and Access Management Solutions.

User and Identity Management Express Professional Enterprise

Each Enterprise licenses allows declaring a certain number of user accounts. Visual Guard can support millions of users, public-facing systems or multiple international corporate sites. You can choose to centralize all your security in a single Visual Guard instance, or a deploy distributed/regional security systems.

up to 1000 up to 1000 unlimited,
depends on license

Authenticate users with their Windows Accounts and grant them permissions and roles defined within Visual Guard.

Authenticate users with login/password accounts defined within Visual Guard. Define a password policy for these accounts (see below).

for login/password accounts, users can create their account themselves. You can let Visual Guard grant them automatically default roles. You can also require an admin validation before they can access your system.

Define a hierarchy of user groups, for instance replicating the hierarchical structure of your organization. Place users in 1 or several groups. Grant roles à group level.

User Authentication Express Professional Enterprise

Form-based authentication (both for windows accounts and login/pwd accounts)

Visual Guard captures the current Windows account and authenticate it against Active Directory. Then, VG loads and applies the user access rights. This is done automatically and silently: users don't need to enter their credentials when launching the application.

Your application can support simultanously Login/password accounts and Windows Accounts. For instance Windows Accounts for internal users, and username/password accounts for external users. Users simply select their account type when logging in. Read more

For .NET desktop applications (WPF, Winforms): Visual Guard stores locally the user security data, and keeps managing authentication and permissions while offline.

For login/password accounts, you can customize the rules to define, renew, unlock and expire a password. For Windows accounts, the current Active Directory Password Policy will apply.

User can authenticate with their Windows credentials, although they do not connect from your corporate network. Eg public wifi, mobile Internet, etc.


You can implement Single Sign-On across websites hosted in completely independent networks or companies. Users log once, and jump from a website to another, without loging in again. Read more


Federate independent Active Directories, hosted in separate networks or companies. Each windows administrator register their Windows accounts in the Visual Guard Repository and grant them roles. Your security is centralized, although users are spread over several Windows domains. Read more

Permissions and Roles management Express Professional Enterprise

Dynamic permissions can be defined at run-time, and are 100% independent from the application's code, hence the term "dynamic". They are defined in the VG console , stored in VG Repository and applied dynamically by VG at run-time. They are well adapted to dynamically disabling/hiding controls, or filtering data in a given grid/component/webservice. Learn more

Static permissions are defined in the VG console and stored in the VG Repository. The application's code tests if the current user has a given permission, and take the proper actions to enable/disable the correspoding feature(s). Static permissions are well adapted to defining business permissions across several components or applications. For instance "CanReadInvoice", "CanUpdateSalary", etc. When a Security Admin grants/revokes such a permission, all applications take it instantly into account.

You can define Roles only (excluding permissions) or define Roles & permissions, and grant Permissions to Roles.

You can grant Roles to Users, no matter the Role is containing Permissions or not. Your application will be secured depending on the Roles or Permissions granted to the user. You can grant one or several Roles to a User.

By granting a Role to a User Group, you grant this Role to all Users contained in the User Group. If the User Group also includes sub-Groups, all Users placed in such Sub-Groups also get this role. You can grant one or several Roles to a User Group.

Audit, Compliance, Segregation of duties Express Professional Enterprise

Keep track of user logon, user operations, administrator operations...


Save all sensitive operations users have performed in applications secured by Visual Guard (who has done what, when, etc...). Filter them with multiples criteria (per application, user, dates, device, type of event…)


Review the admin operations related to security : creating user, granting roles, etc. Filter them with multiples criteria (per application, user, dates, device, type of event…)


Visual Guard administrators and auditors can generate reports based on the current security data (users, groups, roles, permissions...)

Applications & Tools Express Professional Enterprise

Ready-to-use desktop application, used by administrators, developers and auditor to setup the environment, manage and audit application security. Learn more

Ready-to-use web application, used by administrators to manage daily security and auditors to control security. Learn more


Developer utility, used to deploy a security database from dev to test, then production environments. Learn more


"VG Server exposes web services to secure any applications capable of https or SOAP requests (Java, PHP, Delphi, C++, etc…). VG Server allows to secure .Net applications that cannot directly access the VG repository (DMZ, Remote Application, etc.) Read more

Development technologies Express Professional Enterprise

Visual Guard exposes extended APIs that allows performing all security features by program. APIs are secured to rectrict operations based on VG security permissions granted to the operator.

Native integration with Winform, WPF, ASP.NET, WCF, MVC Applications

Native integration with SharePoint Applications

Native integration with PowerBuilder Classic Applications


Integration with any development technology capable of calling the Web Services exposed by the Visual Guard Server for Authentication, Authorization and Audit purposes.

Architecture Express Professional Enterprise

Centralize the securty of all your applications. Get a global overview of all users and their access rights across the entire IT system. Comprehensive and uniform Control and Audit for your application portfolio.

1 unlimited unlimited

Secure all types of application. Read More

Desktop applications with all clients running in the same Network and/or Web application(s) with Server(s) running in the same Network. Read More

Centralize security for applications running in any Network configuration. Support for multiple, independent networks, as well as independent, secured zones isolating database server, service layer and public facing UI (DMZ). Read More


Integration with 1 or several Active Directory located in the same forest than the application.

Federation of multiple Active Directories, hosted ni various network/companies. Read more

Customization Express Professional Enterprise

Get the full source code of the Web Admin Console, and adapt it for your business needs. Implement your business logic and corporate presentation standards, and call the Visual Guard API to perform any administration features. Our support team will guide you every step of the way.


Support for any type of user accounts/Identity(ies)/authentication process by developing custom modules within Visual Guard. Our support teamwill guide you every step of the way.


Implement custom security rules for application security. For example, enforce segragation of duties by defining which roles or user group should be mutually exclusive (can't be granted to the same user). Our support team will guide you every step of the way.

  Start Now Try It Try It