Introducing Netwrix SbPAM 3.5

Expand the Security
of
Privileged
Access across
Your
IT Environment

Enhanced platform support

Extend privileged access security to Azure
AD, Linux, Cisco devices and web-based
resources.

Post-Session RDP Cut-Off

Shut the doors that attackers use to get into
your infrastructure.

File Change Monitoring

Detect security threats resulting from
changes to critical files during privileged
sessions.

Integration with SIEM Solutions

Centralize security monitoring and leverage
your existing investment.

ENHANCED PLATFORM SUPPORT

Minimize Privileged Access Security Risks across Your IT Environment

The growing complexity of IT environments makes it harder and harder to control privileged access to your systems. Netwrix SbPAM enables you to centralize privileged access management across your multiple platforms, now with new or enhanced support for:

Azure AD

Linux

Cisco devices

Web-based
resources

Thwart would-be attackers by eliminating standing privilege

Minimize your privileged access security risks by eliminating standing privileged accounts, including Azure AD, Linux, Cisco devices and web-based resources. Instead, issue on-demand admin accounts that exist only as long as needed to complete a particular task.

Improve control over admin activity

Minimize the likelihood that your admins will undermine the security of your IT environment, either maliciously or by mistake, by certifying and monitoring each privileged session.

Reduce administrative burden

When you have a large IT environment, it’s difficult to strike the right balance between minimizing access rights and simplifying administration. Walk this line with ease by consolidating privilege management into a unified platform purpose-built for least-privilege access.

Thwart would-be attackers by eliminating standing privilege

Improve control over admin activity

Minimize the likelihood that your admins will undermine the security of your IT environment, either maliciously or by mistake, by certifying and monitoring each privileged session.

Reduce administrative burden

POST-SESSION RDP CUT-OFF

Shut the doors that attackers use to get into your infrastructure

While you need remote desktop protocol (RDP) to connect to servers and devices in your network, having it enabled 24/7 puts you at risk of unsanctioned access. Netwrix SbPAM enables you to disable RDP automatically after each privileged session to reduce this risk.

Block ransomware and other cyberattacks

Attackers often target RDP to gain a foothold that they can use to launch ransomware and move laterally through your systems. Minimize the window of opportunity by enabling RDP only when it’s needed to access a particular resource and automatically disabling it as soon as the task is complete.

Avoid unauthorized RDP connections

Minimize the risk of unsanctioned privileged remote access by anyone, including rogue admins, by automatically disabling RDP on a machine immediately after an administrative task is completed.

Block ransomware and other cyberattacks

Avoid unauthorized RDP connections

Minimize the risk of unsanctioned privileged remote access by anyone, including rogue admins, by automatically disabling RDP on a machine immediately after an administrative task is completed.

FILE CHANGE MONITORING

Detect malicious changes to critical files during privileged sessions

Any unsanctioned change to a system file during a privileged session could lead to a security incident or business disruption. Minimize your risk by recording all changes to critical files and making them readily available for investigations.

Strengthen threat detection and investigation

Any change to a critical file, such as a system configuration, during a privileged session could be a sign of malicious action. Improve your ability to detect and investigate security threats by logging these change events and sending the details to your SIEM.

Minimize the chance of business disruptions

Changes to critical files can also disrupt business operations, such as when an admin makes an improper change to the configuration of a business application. Spot and investigate these changes — before users start complaining — by marking critical files to be checked for changes made during privileged sessions and receiving notifications whenever such changes are made.

Strengthen threat detection and investigation

Minimize the chance of business disruptions

INTEGRATION WITH SIEM SOLUTIONS

Centralize security monitoring and leverage your existing investment

Because SIEM solutions collect, correlate and analyze logs from multiple systems, they are a cornerstone of threat detection and investigation for many organizations. Now you can make your SIEM even more effective by enriching its input and output with information about privileged activity from Netwrix SbPAM.

Detect threats related to privileged activity

Strengthen your threat detection capabilities by sending logs of privileged activity to your SIEM, where they can be correlated with information collected from other systems.

Streamline investigations and prove compliance

Gain wider visibility into your environment by enhancing the output of your SIEM with detailed records of privileged activity, including who initiated a session and when, who approved it, and where that session took place. Use that information both to investigate security incidents and to prove to auditors that you are closely monitoring activity around your critical resources.