SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
BeyondTrust improves its privileged access management bundle
Fri, 3rd Feb 2023
FYI, this story is more than a year old

BeyondTrust, the identity and access security provider, has announced new releases of its Privileged Remote Access and Password Safe and the availability of both products in a new bundle with value pricing. These releases introduce new, expanded capabilities for developers, cloud ops and other technical staff to secure and manage access to critical systems in a way that doesn't sacrifice ease of use or efficiency.

Traditional Privilege Access Management (PAM) tools have not kept up with cloud use cases and often require developers and cloud ops engineers to use legacy connection methods like VPNs and actively contribute to the use of shadow IT.

BeyondTrust’s robust infrastructure access capabilities are designed for today’s modern cloud-native environments. These releases advance our capabilities beyond traditional PAM and address all seven tenets of zero trust.                                                                   

BeyondTrust Privileged Remote Access provides frictionless, just-in-time, just-enough access to critical systems without requiring a VPN. In addition, privileged Remote Access users will benefit from enhanced infrastructure access capabilities that improve productivity and simplify compliance in the most challenging and complex environments. It includes enabling admins to granularly define who has access to what and when and easily integrate Privileged Remote Access with an IDP for dynamic roles-based access.

Other features allow users to leverage familiar tools and workflows, like Putty and Azure Data Studio, to conduct work securely. It also has direct tunnelling to the SQL protocol and connecting to this tunnel with the admin's tool of choice; this enables the least privilege with very granular access to specific infrastructure, cloud applications, or even controlling the specific permissions in those apps or systems.

BeyondTrust Privileged Remote Access allows injecting credentials for connections from Password Safe to streamline the user's workflow and protect against abuse of privileges. It also will enable tools like Terraform to spin up and down ephemeral cloud infrastructure and automatically grant and revoke access through a collection of BeyondTrust’s pre-built scripts. It helps create a consolidated audit trail of developer and cloud ops activity and IT admin and vendor activity, eliminating multi-source log issues.

BeyondTrust Password Safe now includes secrets management capabilities. This capability enables secrets, as well as passwords, certificates, keys, tokens, etc., to be stored and managed in Password Safe, expanding the ability to secure critical infrastructure and DevOps environments in the cloud. In addition, centralising secrets and credential vaulting within Password Safe allows organisations to leverage one powerful, integrated solution, in contrast to vendors who only offer a standalone secrets vault or require several tools to manage privileged accounts and secrets. 

The new feature enables combined management of privileged passwords, SSH keys, team passwords, and secrets used in CI/CD pipeline and runtime environments. It also helps leverage Password Safe full-featured GUI for faster secret management use case adoption.

Other new features include integration with Kubernetes without the need for developer expertise; simplified storage of certificates, API Keys, tokens, etc., within a secure and audited vault; full API support, file upload/download, and secrets management; and reporting of all secrets and team passwords transactions, complete auditing and reporting of secrets and groups.

With these two releases, BeyondTrust is also offering a value-packed bundle that includes the industry-leading credential management capabilities of Password Safe (privileged accounts management, comprehensive discovery and onboarding, privileged task automation) and the best-in-class session management of Privileged Remote Access (privileged access control, infrastructure access management). This is the most comprehensive Privileged Account and Session Management (PASM) solution at a value price accessible to organisations of all sizes.

“Increasingly, organisations are working to maximise the productivity and effectiveness of developers and cloud ops, while reducing network complexity, shrinking attack surfaces, and stopping shadow IT,” says Sam Elliott, Senior Vice President, Product Management at BeyondTrust. 

“With the enhanced infrastructure access capabilities of Privileged Remote Access, the inclusion of secrets management in Password Safe, and the combined access of both products in one supercharged bundle, IT teams now have more tools at their disposal to support the unique needs (frictionless, agile work) of technical staff while taking huge steps to reduce the risk in their cloud environments, meet compliance requirements and keep them on their zero trust path.”