STEALTHbits Technologies, Inc., a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, today announced the release of STEALTHbits Privileged Activity Manager (SbPAM) 1.3, their just-in-time (JIT), just-enough privilege, task-based Privileged Access Management platform.
Privileged accounts will always appeal to cyber attackers because of the access rights associated with these accounts. Despite significant investments in Privileged Access Management (PAM) technologies however, privileged accounts are still massively overexposed in most organizations. Traditional PAM providers have focused on controlling access to accounts and their passwords, not on the activities an administrator needs to perform while using the account. Worse, the traditional PAM paradigm still leaves many privileged accounts at risk of compromise as the accounts maintain persistent access (commonly referred to as “Standing Privileges”) to the resources they’re assigned to. Savvy attackers are able to exploit this condition with relative ease.
Among dozens of enhancements, SbPAM 1.3 provides unique ephemeral (temporary or momentary) accounts to be created at the time a privileged activity needs to take place, but automatically disabled and stripped of permissions when not in use. This approach ensures no standing privileges remain with accounts, removing them as viable attack targets. Additionally, new multi-tier approval workflows ensure managers and business owners are not only aware of administrative activities, but are able to actively approve or deny session requests.
“No accounts have privileges associated with them on a permanent (i.e., static) basis, and no admin has unfettered access to any systems. This reduces a company’s attack surface significantly, since hackers have taken to stealing the credentials of such privileged users, precisely because that has traditionally meant they could access all areas within a victim’s infrastructure,” noted Rik Turner, principal analyst, Ovum, in his recent report, STEALTHbits adds PAM with the option to “Bring Your Own Vault.”
With many products that govern access via policy, lack of granular access often forces a need to create many policies to support edge cases. SbPAM 1.3 saves time and effort with connection profiles that allow reusable configurations to be applied to many access policies. Connection profile changes are applied globally and automatically, in addition to including granular session parameters such as maximum time, proxy settings, and approval workflows.
Regardless of whether organizations are looking to improve administrator accountability or need evidence during an incident investigation, SbPAM 1.3 provides the ability to record and playback sessions for definitive proof of what actually transpired during a particular session.
“STEALTHbits has spent years developing a next generation PAM solution. Instead of focusing on privileged account management, we fix the problem at the source by eliminating the vast majority of privileged accounts and removing administrative rights when not in active use,” stated Martin Cannard, VP of Product Strategy at STEALTHbits. “SbPAM 1.3 is the next step in the evolution of our zero standing privileges (ZSP) approach to PAM. Ephemeral accounts, approval workflows, connection profiles, and session recordings are all aimed at protecting privileged access without causing an administrative burden.”
To learn more about STEALTHbits Privileged Activity Manager 1.3, visit https://www.stealthbits.com/stealthbits-privileged-activity-manager-pam-product.
ABOUT STEALTHBITS TECHNOLOGIES
STEALTHbits Technologies is a cybersecurity software company focused on protecting an organization’s credentials and data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, we reduce security risk, fulfill compliance requirements, and decrease operations expense.
Identify threats. Secure data. Reduce risk.
For more information, visit http://www.stealthbits.com/contact or call +1-201-447-9300.