The privileged access management (PAM) market is heating up! According to the 2020 KuppingerCole Leadership Compass for PAM there are roughly 40 vendors in the space with combined annual revenue of $2.2 billion, which is predicted to grow to $5.4 billion a year by 2025. This represents a compound annual growth rate (CAGR) of 20%.
The takeaway: More and more organizations are looking to invest in the next generation of PAM solutions, which offer advantages over more traditional and now aging market-leading vendors.
The analyst responsible for this KuppingerCole Leadership Compass for PAM, Paul Fisher wrote this about Stealthbits Privileged Activity Manager® (SbPAM):
Stealthbits was also named an innovation leader:
Interested in a copy of the KuppingerCole Leadership Compass for PAM? Download here
Many leading PAM vendors and products have been around for 10-15 years, centered around a password vault, and utilizing aging technology. But those approaches are expensive, overly complicated, and create a larger attack surface with hundreds, if not thousands, of standing privileged accounts.
Organizations are being tempted by newer approaches. Solutions that deliver just-in-time privileged access to perform a task and then remove it when a task is complete not only drastically reduces your attack surface, they simplify the process. Also driving change is the fact that proprietary password vaults are generally a requirement of every enterprise PAM solution, adding costs and making switching that much more prohibitive. Vault alternatives such as HashiCorp and Microsoft LAPS (which is available free of charge), are gaining in popularity. Ask any enterprise with a PAM deployment how long it took to deploy and you’ll hear sound bites like “9 months”; “the POC took over a month”; “We still don’t have everything implemented to this day”. The next-gen PAM solutions deploy in hours and days, not weeks and months. They provide all needed components without charging for each module and they utilize shared, common, or open-source infrastructure to also keep cost minimized.
Your privileged accounts that are sitting idle waiting for some administrator to use them to do some task, are actually expanding your attack surface. If an attacker was able to leverage one of these accounts, all the needed access rights are there for the taking. Why give attackers the opportunity? SbPAM can auto-provision privileged access for a specified person and time period, then auto-remove access rights when the task is completed. We can do this to managed accounts, requestor’s normal Windows accounts, or we create an ephemeral/temporary account. Multiple options to reduce you attack surface and simplify privileged access management.
Traditional PAM vendors want you to believe vaulting ALL credentials is a REQUIREMENT for PAM, but that’s not the case, it’s simply a requirement to USE THEIR PAM SOLUTION. Traditional vault solutions can be complex, expensive, and take huge amounts of time to get right. Stealthbits gives customers the option to continue using their incumbent password vault, removing the ‘rip and replace’ pain of other vendors. We call it Bring-Your-Own-Vault (BYOV) and it’s a first in the industry. We allow you to vault only what needs to be vaulted and give you choices where they are stored.
Few are fans of the big spreadsheets that get passed around, where managers approve or deny what access rights their employees should have. SbPAM is the only PAM solution with built-in ability to approve/deny privilege access. Privilege access is critical, so it’s key to make it easy, fast, and as mistake proof as possible. Certification task workflows are easy to generate, and once reviewed/committed, excessive access is adjusted in seconds.
Unfortunately, traditional PAM vendors often take huge amounts of time to setup Proof-of-Concepts (POCs) and/or full implementations. And rightfully so….they are a complicated set of workflow and security measures to ensure the protection of the privilege access cyber-attackers covet most. BUT it doesn’t have to be like this…
SbPAM can have most POCs running in an hour and installation is typically a one day job. We run on Windows, Linux or Docker containers. We do not charge for extra features or add-ons; all functionality is included, no surprises; neither do we charge for scale-out components such as proxies, servers, databases, action services and more.
Stealthbits takes a different approach to PAM and is being recognized for it…. “Potentially the future of PAM”….. “Easy to use and administer”…. “very rapid deployment”. We reduce your attack surface where others create it. We provide vault options where others don’t. We make PAM convenient – Access Certification, Deployment, Use – where others have not. Beyond the recent analyst recognition, we were also recently named WINNER for Best Privileged Access Management Product by Cybersecurity Excellence Awards.
Stealthbits Privileged Activity Manager® (SbPAM) was recently named WINNER for Best Privileged Access Management Product Award
Craig Larsen – Information Systems Administrator, Eastern Carver County Schools – had this to say…
“The concept of temporary elevation, or just-in-time access, makes so much sense as the admin is granted access on the fly, and access is removed when no longer needed.”
“Honestly, SbPAM is so simple to install and get running that we probably could have done it ourselves.”
Damon is the Director of Product Marketing at Stealthbits responsible for Active Directory and Privileged Access Management solutions. He has over 20 years of experience addressing marketing challenges of all kinds for many notable, B2B software companies, including Red Hat, Quest Software, Sterling Commerce, and most recently SecureAuth. Damon has a passion for cybersecurity software and improving the defenses of organizations against cyber-attacks. Damon resides in Columbus, Ohio.
Reduce the opportunity for lateral movement attacks through privileged account reduction. Start an instant free trial of Stealthbits Privileged Activity Manager today!Start Now
Start a Free Stealthbits Trial!
No risk. No obligation.