Privileged user accounts have elevated privileges such as Domain Administrator rights or root privileges. PAM solutions were developed to monitor and record privileged user account activity or sessions. They monitor this privileged access to network devices such as Windows, Linux and Macs. These PAM solutions help organizations meet audit and compliance requirements, conduct forensic analysis and protect critical assets against external and insider threats.
Traditional and well-known PAM vendors such as CyberArk, ThycoticCentrify and BeyondTrust achieve this goal by creating detailed session audits and video recordings of the on-screen activity of all IT administrator privileged sessions, including keystrokes and mouse movements.
But, what happens when you have large media files, threat activities that are not recorded, or controls and compliance personnel such as auditors that struggle to find the time and resources to work through all those video recordings?
Traditional session monitoring and recordings present challenges to IT security personnel as well as compliance and controls experts. For example, they:
Remediant’s Intelligent Session Capture (ISC) leverages your existing investment in a EDR solution to:
USE CASE: Malicious insider is leveraging their privileged JIT session to exfiltrate sensitive data
Remediant Intelligent Session Capture offers a new and more effective approach to session recording by partnering with EDR vendors.
Join us to learn more on Remediant and VMware Carbon Black's partnership and how you can reduce your attack surface and prevent lateral movement attacks. We'll discuss:
• Market trends and the need for integrated EDR and PAM solutions
• VMware Carbon Black and Remediant: the better together story
• Demos: Intelligent Session Capture and management of remote systems
• Use cases and benefits
The combined solution helps Incident Response teams quickly determine root cause and stop lateral movement attacks at endpoints. For example:
This video demonstrates Remediant's Intelligent Session Capture capability through its integration with CrowdStrike Falcon. With this integration, you can pivot from the SecureONE console through an embedded “Investigate” link to the EDR console to proactively explore for any suspicious threat activity during the JIT privileged session at the Windows, Linux and Mac endpoints and mitigate it through a combination of Remediant and the EDR solution.
This video demonstrates Remediant's Intelligent Session Capture capability through its integration with VMware Carbon Black Cloud. With this integration, you can pivot from the SecureONE console through an embedded “Investigate” link to the EDR console to proactively explore for any suspicious threat activity during the JIT privileged session at the endpoints and mitigate it through a combination of Remediant and the EDR solution.