BeyondTrust Privilege Management for Windows Servers reduces the risk of privilege misuse by assigning admin privileges to only authorized tasks that require them, controlling application and script usage, and logging and monitoring privileged activities.
Features and Capabilities
- Comprehensive Least Privilege Management: Elevate administrator privileges to applications, enabling sysadmins to connect and work as standard users through fine-grained policy-based controls. Exercise full, granular control of Windows service operations and the command line through PowerShell and the terminal to reduce the risk that privileges can be used in a cyberattack.
- Seamless Application Control: Deliver trust-based application whitelisting with a flexible policy engine to set broad rules. Tailored options enable organizations to choose automatic approval for advanced users – protected by full audit trails – or utilize challenge-response codes.
- Secure Vulnerability-based Application Management: Leverage vulnerability data from BeyondTrust Enterprise Vulnerability Management to provide run-time intelligence on the risk of applications targeted for privilege elevation.
- Complete Auditing and Governance: Collect, securely store, and index keystroke logs, session recordings, and other privileged events to speed forensics and simplify compliance.
- Privileged Threat Analytics: Correlate user behavior against asset vulnerability data and security intelligence from best-of-breed security solutions to provide an overall picture of end-user risk.
- File and Registry Monitoring: Audit and report on changes to critical policy, system, and application files and registry keys, eliminating unauthorized configuration changes, workarounds, and gaps that could lead to exploitation.