BeyondTrust Simplifies Endpoint Privilege Management with PAM Platform Integration
July 2019 by Pierre Kouliche
BeyondTrust has announced the latest release of BeyondTrust Privilege Management for Windows and Mac, formerly Avecto Defendpoint. Now integrated with BeyondTrust’s BeyondInsight platform, organizations can achieve critical security and compliance requirements of enterprise-wide least privilege more quickly and easily than ever before. BeyondInsight is a unified platform combining privilege and vulnerability management solutions, enabling IT professionals and security experts to work together with increased visibility and enhanced efficiency.
According to Gartner’s Top 10 Security Projects for 2019, Privilege Access Management (PAM) is first on the list of priority security projects for organizations that have already adopted all basic security measures. Analysis from BeyondTrust’s recent Microsoft Vulnerabilities Threat Report supports Gartner’s top security priorities, finding that enforcing least privilege and removing admin rights from users eliminates 81% of Microsoft vulnerabilities.
With the release of BeyondTrust Privilege Management for Windows and Mac, true enterprise-wide PAM can be deployed in weeks, not years, based on BeyondTrust’s unique Quick Start methodology and BeyondInsight platform integration.
Key capabilities with this integration include the following:
• Create and oversee policies in BeyondInsight using an integrated privileged access approach for policies, events, and reporting for managing BeyondTrust and third-party solutions.
• Deploy stacked user and asset-based policies using Smart Group and Smart Rules to target individual assets and users that need privileges, allowing elevated granular control across the organization.
• Provide complete auditing and visibility of privileged activity and application usage through fully integrated reporting dashboards, event grids, and insights into the use of privileges.
• Create new rules for discovered applications and activities by importing directly from event data, allowing instant access to audit data to quickly respond to policy change requirements.
• Deploy on a hardened physical or virtual appliance, or on-premise AWS, Azure, or Google private cloud, enabling the management of BeyondTrust and third-party solutions.
In addition to the BeyondInsight integration, BeyondTrust Privilege Management for Mac includes the ability to allow non-admin users to install and uninstall applications in the /Applications/directory. This key requirement further empowers Mac users to work safely and securely under least privilege, while giving IT admins central policy control. The solution now also includes the ability to assign elevation and application control at the computer level based on the host name, IP address, or IP range. Using innovative methods to hook into the operating system, the release of the Mac client drastically improves performance, stability, and security.