Redefining How Privileged Access is Granted – STEALTHbits Privileged Activity Manager 1.3

Redefining How Privileged Access is Granted – STEALTHbits Privileged Activity Manager 1.3

Privileged access will always appeal to cyber attackers because of the access rights associated with these accounts. Despite significant investments in Privileged Access Management (PAM) technologies, privileged accounts are still massively overexposed. Traditional PAM providers have focused on controlling access to accounts and their passwords, not on the activities that need to be performed.

Go Vault-less

Ephemeral (temporary) Account Support = No Standing Privileges
Ephemeral (temporary) Account Support = No Standing Privileges

Many PAM vendors and their deployments require a password vault, choosing to focus on controlling access to privileged accounts via rotating and vaulting passwords. The problem is those accounts still pose a threat because of their standing privileges. Among the new enhancements, STEALTHbits Privileged Activity Manager (SbPAM) 1.3 provides unique ephemeral (another word for “temporary” or “momentary”) accounts used for privileged activities but disabled and stripped of permissions when not in use. This just-in-time and just-enough-privilege approach ensures no standing privileged accounts and removes them as viable attack vectors. Of course, vaults are complex and require continual care, SbPAM can certainly work with them but it’s no longer a requirement.

Get Approval Before Privileged Activity

SbPAM 1.3 gives you the control to require sign-off before an activity or task is performed. Want to add new users, deploy a new server, and/or re-configure varying setting, SbPAM can optionally require tiered approvals before granting the right to perform the activity. This approval workflow not only keeps managers, business owners, and/or application owners aware of administrative activities, but gives them the power to approve or deny who, what, and when.

Save Time, Reduce Complexity with Connection Profiles

With many products that govern access via policy, lack of granular access often forces a need to create many policies to support edge cases. SbPAM 1.3 saves time and effort with Connection Profiles that allow reusable configurations to be applied to many access policies. Connection profile changes are applied globally and automatically and include session parameters such as maximum session time, proxy settings, and approval workflows.

Get PROOF with Session Recordings and Playback

Session Recordings – gain evidence and improve accountability
Session Recordings – gain evidence and improve accountability

Regardless if you’re looking to improve administrator accountability or need evidence during an incident investigation, SbPAM 1.3 provides the ability to record and playback sessions for definitive proof of what actually transpired during a particular session. Save time from combing through logs and re-tracing undocumented steps, by fast-forwarding through videos that are time, task, and administrator specific. SbPAM provides policy-controlled recordings, so organizations can ensure they record the activities and people that matter most.

STEALTHbits Privileged Activity Manager (SbPAM) blazes a new path toward privilege access management by focusing on the activity, not the administrator. Privileged rights and accounts are granted temporarily, just when needed, then removed when not in use. This just-in-time, just-enough-privilege reduces your attack surface and better protects against access most sought by those looking to exploit systems and information.

To learn more about STEALTHbits Privileged Activity Manager, visit https://www.stealthbits.com/stealthbits-privileged-activity-manager-pam-product.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.

Privacy Preference Center

      Necessary

      Advertising

      Analytics

      Other