Solutions Review’s annual Vendors to Know in Privileged Access Management Platforms provides the details on some of the most critical solution providers in the space.
The editors at Solutions Review continually research the most prominent and influential privileged access management vendors to assist buyers in search of the tools befitting the needs of their organization. Choosing the right vendor and solution can be a complicated process; it requires constant market research and often comes down to more than just the solution and its technical capabilities. To make your search a little easier, we listed the vendors to know in privileged access management platforms.
Note: Because Centrify and Thycotic are still in the process of completing their upcoming merger, they are listed separately here. All vendors are listed alphabetically.
Vendors to Know in Privileged Access Management Platforms, 2021
BeyondTrust focuses on eliminating insider privilege abuse and increasing application visibility. Its Least Privilege Management and Server Privilege Management solutions offer app-to-app password management capabilities and broad support for PIV-based authentication. BeyondTrust offers machine learning and predictive analytics which analyzes privileged password, user, and account behaviors. Since its 2018 acquisition by Bomgar, BeyondTrust also boasts capabilities designed to eliminate manual user password changes and provide quick time to value and deployment.
Broadcom has folded CA Technologies’ privileged access management in its portfolio of enterprise solutions. In fact, it renamed its CA Privileged Access Management to the Layer7 Privileged Access Management solution. This solution works through granular authorization of users to systems and accounts. Also, it constantly monitors privileged activity to assess for risk and trigger automated mitigations when high risk is detected. Other key features are privileged account vaulting and rotation and key or token-based authentication. Layer7 Privileged Access Management controls privileged access across all IT resources, including in the cloud, and discovering all virtual and cloud-based resources.
Centrify offers its Privileged Access Security solution through a cloud architecture. Centrify’s capabilities include Single Sign-On, user provisioning, and multi-factor authentication (MFA). Centrify is particularly notable for its secure remote access capabilities, which are some of the strongest in the market. Centrify provides a broad set of user authentication methods including out of band (OOB) push mode and mobile endpoint biometric modes with remote access that supports different use cases including privileged users.
CyberArk commands a large share of the modern PAM market. The solution provider’s Privileged Account Security Solutions offer enterprise-grade, policy-based solutions that secure, manage, and log privileged accounts and activities for both protection and evaluation. CyberArk also uses behavioral analytics on privileged account usage to detect and flag potential anomalies from insider and external threats. Key components of CyberArk’s PASS include an SSH Key Manager, Privileged Session Manager, Privileged Threat Analytics, and Endpoint Privilege Manager. It also offers the CyberArk Privilege Cloud as a cloud-delivered PAM solution to simplify the storage and rotation of credentials and monitoring privileged access.
Devolutions positions itself as privileged access management specifically geared for SMBs. In fact, Devolutions has worked with small businesses for a decade. As such, it offers companion features and tools to meet organizations’ specific use cases for its Devolutions Password Server. These include the Devolutions Launcher for fast launching of remote sessions and the Devolutions Web Login, which allows for the secure injection of passwords into websites via a secure credentials vault. The Password Server itself is a full-featured shared account and password management solution. It can be used in combination with Remote Desktop Manager for privileged account and session management tools integrating over 150 integrations and technologies.
Ekran System is an insider threat protection platform that provides proper security control over your enterprise’s privileged accounts. It offers lightweight software agents for all kinds of endpoints, supporting any access scheme and network architecture, including hybrid. Agents combine access management functionality with comprehensive activity monitoring, recording, and alerting and enable essential incident response capabilities. Ekran System’s solution serves to enhance third-party vendor management, remote and on-site employee control, and other security tasks.
ManageEngine is primarily based out of California and is the IT management division of the Zoho Corporation. Its privileged identity management solution incorporates its Password Manager Pro product, which can discover, store, control, audit, and monitor privileged accounts. ManageEngine also offers ease-of-use with an intuitive user interface for its PAM solutions which supports approval workflows and real-time alerts on password access. ManageEngine’s discovery engine is capable of discovering and enumerating Windows local and domain accounts on the enterprise network, virtual environment, and Linux devices with equal efficiency. The Manager Pro product acts as a centralized credentials vault and can manage shared accounts across operating systems.
Micro Focus owns the NetIQ identity and access management suite, a highly scalable set of solutions. These include NetIQ Privileged Account Manager, the NetIQ Directory and Resource Administrator, the NetIQ Group Policy Administrator, and the NetIQ Change Guardian. These allow for the streamlined privileged access management in the hybrid enterprise and simplify delegated administration of Microsoft Active Directory. Further, Micro Focus’s NetIQ Change Guardian can monitor critical files, systems, and applications in real-time to detect unauthorized privileged activity.
One Identity’s Privileged Password Manager solution lets enterprises enable secure automated control and auditing on their privileged accounts. The Privileged Password Manager offers session management features, as well as an active directory bridge between different operating systems across the enterprise network. One Identity’s products are offered via a modular and integrated approach, allowing customers to add new capabilities quickly by building on existing investments; as an example, by integrating its Identity Manager Solution with Privileged Password Manager, users can request, provision, and attest to privileged and general-user access within the same console.
As a PAM provider, Remediant specializes in Just-in-Time (JIT) access and Privilege Discovery. As such, it offers the Remediant SecureONE solution for Just-in-Time Privileged Access Management; the solution also prevents lateral movement attacks and helps discover privileged access accounts on enterprise networks. It can also inventory accounts with no agent, provide continuous monitoring, and remove standing access across the enterprise. Remediant offers businesses real-time security operations center insights and comprehensive reporting; it also offers multifactor authentication to supplement JIT access.
Thycotic offers its Secret Server and Privilege Manager products as enterprise-level privileged access management tools. Its solutions include Enterprise Password Management, High Speed DevOps Secrets Management, Least Privilege Policy Enforcement and endpoint protection. The vendor also offers two-factor authentication support, integration with SIEM and CRM software, and redundant architecture options for high availability and disaster recovery. Thycotic deployment can take as little as 15 minutes for Windows environments.
Xton Technologies is a growing influence in the privileged access management market with experienced professionals behind it. Xton Technologies’ goal is to provide simple and affordable PAM software to enterprises. Its XT Access Manager Solution offers multifactor authentication controls, can store and share security keys with users and superusers, delegate the execution of privileged commands, and lockdown privileged accounts with suspicious activity. Xton Technologies also provides solutions to combat social engineering attacks and limit the internal attack surface and a free trial option with easy deployment and integration.
- The Many Forms of Single Sign-On - July 23, 2021
- Analysis: The 2021 Gartner Magic Quadrant for Privileged Access Management - July 21, 2021
- The Highest-Rated Books for Identity Management Engineers - July 21, 2021