BeyondTrust enhances PMWM to stop malware and streamline workflows


Share

BeyondTrust enhanced PMWM to stop malware and streamline workflows. BeyondTrust, the worldwide technology leader in Privileged Access Management (PAM), announced further product enhancements and integrations to its BeyondTrust Privilege Management for Windows & Mac (PMWM) product. This solution enables a preventative approach to endpoint security, stopping malicious attacks by enforcing password less administration, “Just-in-Time” access, and pragmatic application control on endpoints.

The latest release of Privileged Management for Windows & Mac(PMWM) includes the following feature enhancements:

Multifactor (MFA) Integration: Any MFA provider can now be integrated via the Open ID Connect (OIDC) protocol, and MFA messaging can be combined with other message types such as challenge/response to vastly improve security.

Advanced Parent Tracking: This new feature is an enhancement of Trusted Application Protection and Application Control and tracks the use of COM and WMI as methods of creating child processes (Windows only).

Malware increasingly uses surrogate processes like COM and WMI to spawn processes in a way that evades detection through Windows parent and child process hierarchies and evades traditional Application Control and Endpoint Detection and Response (EDR) solutions. Advanced Parent Tracking detects this form of process creation and ensures that parent/child relationships are tracked through Trusted Application Protection and Pragmatic Application Control rules.

ServiceNow (SNOW) Integration: For BeyondTrust customers who use ServiceNow to manage IT-related tickets, this new integration enables their end-users to make requests for approval directly into ServiceNow as a ticket. Service desk professionals can then directly respond to end users from within the ticket with just a click of an “Approve” or “Deny” button.

Not only does the SNOW integration allow end-users to ask for elevation of applications and privileges, but it also enables service desk professionals to approve privileges and give end-users access they need to do their jobs.

Reputation-Based Analytics with VirusTotal Integration: Bring insight and information directly to Privilege Management for Windows & Mac reporting to make better, more secure decisions on whether an application should be allowed or blocked.

Export to CSV: Following the launch of the SIEM integration released in April 2021, which allows users to import data from their SIEM solution, BeyondTrust has added CSV export capabilities within the Privilege Management Cloud console, making export of all data for subsequent manipulation andsharing easier than ever across Computers, Groups, Policies, Users, and Audit Activity.

Web Policy Updates: These features improve the user experience, and include:

  • Creating and deleting customized messaging, allowing further personalization for end-users
  • Updating Challenge/Response key configuration for easier setup and management
  • Adding applications via template, making it easier to add new rules to policies

“The latest Privilege Management for Windows & Mac releases exemplify our innovative approach to Endpoint Privilege Management, by focusing on capabilities related to enabling endpoint security,” says Dan DeRosa, Chief Product Officer at BeyondTrust.

“With the massive shift of endpoints outside of the traditional perimeter as a result of the remote working expansion, it’s more critical than ever to protect them from the threats of ransomware and other threats,” added Dan DeRosa.


Leave a reply