What is PAM+

PAM+ is a completely new way to contextualize privilege identities within the scope of a cyber attack. This starkly contrasts the legacy PAM approach which focuses on the credential (vaulting) as opposed to focusing on the access that enables cyber attacks. We invite the industry to reimagine the way they solution for this gap and think about the problem they're solving for.

The key elements of PAM+ include:

Zero Standing Privilege (ZSP) for all Endpoints - Remove all admins from all endpoints. By removing this access, PAM+ eliminates privilege sprawl, a key requirement for a successful cyber attack. This also implicitly enforces a Zero Trust privilege model by removing implicit trust at each endpoint.
Just-In-Time Administration (JITA) - Access is conferred Just-In-Time and only for as long as it's needed. That means there are only admins present on an endpoint when privileged access is required. Following this need, the access (admin account) is removed from the endpoint.
No New Credentials - Without a focus on passwords/credentials, PAM+ does not require the creation of new credentials or change how those credentials are managed. If you're already using a vault, feel free to keep using it!
Multi-Factor Authentication - PAM+ is the single control point for all JITA. Adding MFA to this is an absolute necessity and adds an additional aspect, achieving further defense-in-depth without any additional overhead.

Why PAM+ Matters

Cyber attacks are successful today because attackers use compromised admin credentials to gain privileged access and can steal administrator credentials once they get a toehold on an enterprise system. PAM+ takes a realistic approach to secure privilege identities, leaving the archaic and unrealistic vaulting approach behind for something better.

Whereas legacy PAM (vaulting) requires you to implicitly know and protect every credential to realize true protection, a PAM+ approach focuses on the access on the endpoint itself and how attackers target and move laterally. This enables an organization to focus on the highest impact and stop an attack in its tracks. This includes malware, ransomware, advanced persistent threats, red teams, nation state attackers, among others. For more, see this comparison.

What's more, PAM+ builds MFA directly into the offering, combining what's often considered two distinct efforts for even greater realized defense-in-depth. While there are several providers who are taking a PAM+ approach, Remediant leads the way with the SecureONE offering which enforces a Zero Trust model to privileged access. With no admin on the endpoint (Zero Standing Privilege), a successful attack is rarely effective at a damaging scale.

Get the Data Sheet for PAM+

Remediant PAM+™ is at the forefront of the transformation occurring in the Privilege Access Management market. Customers at enterprises of all sizes are demanding real-time visibility into privilege account sprawl and protection against lateral movement attacks that utilize compromised credentials. These challenges, despite massive investments in cybersecurity tools and processes, are slowing digital transformation initiatives and causing an increase in cyber insurance premiums. Privilege escalation and lateral movement appear time and again as the most critical attack vectors in the MITRE ATT&CK framework and in all recent Verizon DBIR reports.