
Bring your own vault

Maximize the value of your Privileged Access Management (PAM) solutions

Standing privileges, the gap between Zero Trust and PAM

With rapid innovation comes the rapid scaling and adoption of infrastructure. To fuel this innovation, the number of privileged users (on-call developers, admins, SREs) is growing and evolving constantly. With this growth in new technologies and the privileged users who support them come new threats.

It is, therefore, no surprise that 74% of breached organizations admitted the breach involved access to a privileged account (according to Centrify’s Threat Landscape Survey). In addition, the Verizon Data Breach Investigations Report (DBIR) found that 29% of total breaches involved the use of stolen credentials, second only to phishing.

While privileged access management (PAM) solutions have been on the market for years, they miss a key piece of functionality, which means the value of a PAM implementation is not fully realized:

Focus on authentication, not access

Legacy PAM solutions focus exclusively on authentication as the method for protecting privileged access. Over time, innovation in these legacy PAM solutions has involved longer passwords or more frequent credential rotation – but never quite addressed the real needs of practitioners who use these solutions every day. The outcome: high residual risk, high friction.

Undiscovered, always changing privileges.

PAM solutions protect known privilege. They do not offer a way to discover and monitor privileged access across the enterprise. This results in an invisible sprawl of administrator privilege, ready to be compromised and completely unknown to an organization. Outcome: Unknown, constantly changing attack surface.

Standing developer and admin access to production servers and every workstation.

This violates the Principle of Least Privilege and keeps the doors open for lateral movement since administrators have 24x7x365 access to company networks. So, all it takes is one hack, one single credential stolen for the attacker to have the “keys to the kingdom.” From there, an attacker may move laterally to steal IP and other sensitive data from HR, finance, R&D and other critical systems. 

To move laterally across a network, an attacker needs valid login credentials.

For more on common techniques attackers use to capture credentials and escalate privilege, read the following article: Lateral Movement Explained by CrowdStrike.

High friction user experience for privileged users.

Privileged users whose accounts are managed through legacy PAM must check out a generic or shared ID and get approval every time they need privileged access. Outcome: This approach slows their ability to respond quickly, thereby increasing Mean Time To Respond.

Consistently incomplete deployments

An agent-based approach that requires touching each endpoint in a network does not scale. This issue, coupled with high administrator friction, results in incomplete PAM deployments. The problem is further exacerbated when workloads are dynamically provisioned and ephemeral. Outcome: Low return on investment despite high total cost of ownership.

Standing Privilege is an Advanced Persistent Threat (F)actor

For more on how admin privileges proliferate across a network, read this article by Dr. Shane Shook from ForgePoint Capital.

Zero Standing Privilege: Bridging the gap between Zero Trust & PAM

The extension of your PAM program that removes standing privileges, brings Zero Trust to privileged users, and allows you to maximize the value of your enterprise vaults and privilege session managers.

Continuous Discovery

Scan continuously for hidden privileged accounts on endpoints not managed by your PAM solution today (150,000 endpoints in approximately four hours).

Standing Privilege Reduction

Remove the residual, hidden access that privileged accounts have, improving your overall risk posture and the value of your PAM program.

Remediant can help you in the following ways:

Discover "what to vault"

Discover & secure accounts outside of a vault; wrap around existing operational processes

Local Admin / Hidden AD Access Cleanup

Manage local admin accounts & remove hidden access in nested AD groups

Zero Trust, Stopping Lateral Movement 

Our approach does not allow a threat actor to move laterally in an organization; does not permit rogue or backdoor accounts to be added

Directory Bridging for Linux systems 

JITA for Linux/cloud workloads, agentless approach to light AD bridging

Incident Response/Breach Containment

Quick lockdown to stop ransomware spread; provide enterprise contact tracing

Continuous Auditing

Continuous picture of who has/who used/who attempted privileged access for a system

Piqued your interest? Sign up for a 30-day free trial.

See how SecureONE can defend your enterprise with zero standing privilege.