Privilege Without the Pain: Stealthbits, Now part of Netwrix, Introduces New "Task-Based" Administrative Access, Delegation, and Auto-Expiration Approach for Privileged Access Management

Stealthbits, now part of Netwrix, today announced the release of their new and pioneering approach to Privilege Access Management (PAM), Stealthbits Privileged Activity Manager (SbPAM).

The problem with PAM today is that traditional PAM providers focus on controlling access to accounts and their passwords, not on the activities the administrator needs to perform. As data breaches have become more and more common, it is clear – privileged access and administrative rights are essential for attackers to achieve success. Despite significant investments in perimeter and endpoint security, breaches start at the desktop and server layers of an organization’s IT infrastructure and quickly spread through the overabundance of privileged access rights, or standing privilege.

Traditional PAM providers offer minimal reduction of an organization’s attack surface because the privileged accounts they aim to manage still retain their access rights when not in use.

A new approach is needed.

The PAM market has become both complex and commoditized - it's like a house of cards waiting to come crashing down, it's crying out for a change. We are taking a unique approach that addresses the root problem without the convoluted overhead imposed by existing solutions. PAM in its essence is very simple, you need to provide your admins with a clear, audited and secure path to access privileged resources. We have hit the nail on the head with SbPAM and we do the job with minimal overhead and complexity.
Martin Cannard, Vice President Product Strategy at Stealthbits, now part of Netwrix

Stealthbits Privileged Activity Manager (SbPAM) is a third-generation PAM solution, providing Administrators the exact level of privileges needed, exactly when they’re needed, for only as long as they’re needed, and then returns the environment to a no-access-by-default state immediately upon completion.

Tuned to address the major challenges at the desktop and server layer, as well as critical directories and data repositories like Active Directory and File Systems, SbPAM enables administrators and helpdesk professionals perform their day-to-day activities easily and without the complexity of traditional PAM tools. SbPAM’s new approach focuses on controlling the activity that needs to be performed rather than mapping access to an account, resulting in a reduced attack surface that drastically improves and organization’s overall security posture.

Seventy-six percent of organizations experience a violation of privileged account policies each year. Stealthbits’ new approach easily layers on top of existing security investments to provide flexible and granular control over individual privileged activities that will prevent unauthorized permissions abuse and breach events.
Steve Brasen, Research Director with IT industry analyst firm, Enterprise Management Associates

SbPAM allows administrators to safely and securing do their job while simultaneously minimizing risk:

• Providing admins with temporal access to systems and applications that require privileged access
• Leveraging existing desktop administrative tools for access
• Allowing them to focus on the activity to be performed rather than the account required for the task

SbPAM is an incredibly exciting addition to our product and solution portfolio. As a stand-alone solution, it’s wildly innovative and remarkably easy to use. On a more macro level, however, it has great applicability to just about everything we already do.

Customers that have been relying on our Privileged Account Discovery capabilities for years, now have a powerful mechanism to remediate the excessive quantity of privileged accounts they find across their desktop and server infrastructure - the very same systems Active Directory is most commonly compromised from. Add these controls and principles to what Stealthbits does so well at the Active Directory and data layers, and it’s easy to see just how powerful and important this offering is.
Adam Laub, Chief Marketing Officer at Stealthbits, now part of Netwrix

SbPAM significantly reduces the attack surface with:

• Just in time permissions and access for users, which expire upon task completion
• Monitoring and protections of local groups
• Expiration of process-generated permissions that otherwise remain active as artifacts, for example, completion and closure of Kerberos tickets upon completion of the task or process for which the ticket was issued

To learn more about SbPAM, visit https://www.netwrix.com/sbpam.html