The 2021 Gartner Magic Quadrant for Privileged Access Management has been published, and BeyondTrust is pleased to announce that we have been named a Leader for the third time in a row! According to the research report, “Gartner defines the privileged access management (PAM) market as a foundational security technology to protect accounts, credentials and operations that offer an elevated (“privileged”) level of access.”
This year’s edition of the Magic Quadrant provides an assessment of 10 PAM vendors. Organizations are evaluated across completeness of vision and ability to execute, with the report drilling down across dozens of criteria. You can download a complimentary copy here.
Read on for more highlights and analysis of the report.
PAM Market & Trends
In this year’s report, Gartner sees the PAM market as comprised of the following three distinct tool categories:
- “Privileged account and session management (PASM)
- Privilege elevation and delegation management (PEDM)
- Secrets management”
Gartner calls out these as the core capabilities of PAM:
- “Discovery of privileged accounts across multiple systems, infrastructure, and applications
- Credential management for privileged accounts
- Delegation of access to privileged accounts
- Session establishment, management, monitoring and recording for interactive
- Controlled elevation of commands”
According to Gartner, these are optional PAM capabilities:
- “Secrets management for applications, service, and devices
- Privileged task automation (PTA)
- Remote privileged access for workforce and external users”
Let’s take a closer look at 3 key trends.
1. PAM continues to be a high priority for security organizations: Gartner states, “The growth is mainly driven by the increasing awareness among security staff regarding criticality of PAM solutions. Several high-profile breaches have been linked to compromised privileged account credentials. Coupled with this, the accelerated migration to cloud, blurring enterprise security perimeters and the overall increase in the number of cyberattacks all contribute to the growth of PAM adoption.”
This aligns with what we’ve seen at BeyondTrust over the past year as organizations continue to adopt and evolve their PAM solutions beyond basic PASM products to include PEDM, Secrets Management, and Privileged Remote Access solutions. We believe BeyondTrust offers the broadest PAM portfolio on the market, with particular strength in PEDM for Windows, Mac, Unix, and Linux.
2. Remote access security becomes increasingly important amid the pandemic. In its companion Critical Capabilities for Privileged Access Management report, Gartner states, “In response to global shutdowns, many privileged access management (PAM) vendors jumped into the remote access business, bringing new products to the market last year, with many focused on remote privileged access.”
Organizations recognize remote access security is a must-have in the new normal of work-from-anywhere (WFA), hybrid work, and accelerated digital transformation. BeyondTrust trailblazed and continues to lead in Secure Remote Access solutions, comprised of mature Privileged Remote Access and Remote Support products, that are years ahead of other PAM vendors in terms of depth and breadth of capabilities.
3. Operational Technology (OT) security in the spotlight: In the PAM Magic Quadrant, Gartner also called out the growing need and demand for extending privileged access to (OT) environments. Gartner stated, “Although PAM is typically a horizontal solution, with increasing demand from healthcare, manufacturing and natural resources, an emerging need from a vertical standpoint is for specific features for organizations using the IoT and OT. Examples include companies in the utilities and energy sectors, and hospitals. These organizations need to secure privileged access to their supervisory control and data acquisition (SCADA) and OT devices, and require preconfigured connectors to popular OT systems.”
2021 has already been characterized by some brazen OT attacks, such as the Colonial Pipeline ransomware attack, and the water poisoning attempt on a Florida water treatment facility. BeyondTrust PAM provides a blended approach that could have prevented and mitigated these attacks and others by securing remote access pathways, proactively managing privileged credentials and secrets, and applying least privilege and pragmatic application control across all endpoints and privileged sessions. Over the past year, BeyondTrust has seen a substantive increase in customers adopting and applying our solutions for OT use cases.
The Gartner Magic Quadrant and BeyondTrust PAM
The 2021 Gartner Magic Quadrant for Privileged Access Management recognizes BeyondTrust as a Leader for both our ability to execute and completeness of vision.
In our view, the 2021 Gartner Magic Quadrant for Privileged Access Management validates BeyondTrust’s strengths in the PAM market, including platform breadth, solution depth, integrations, value, and time-to-value. We believe BeyondTrust provides the most complete, and integrated, solution across the three PAM tool categories recognized by Gartner, as well as delivering deep capabilities across the “core” and “optional” PAM capabilities described in the Gartner report. We invite you to download a complimentary copy the PAM Magic Quadrant and compare us against the rest of the vendors.
Here are what we believe to be nine differentiators of BeyondTrust PAM:
- Breadth & depth – Unlike most competitors, we deliver deep capabilities across the broadest universe of privileges – whether it’s across Windows, Unix, Linux, macOS, cloud, on-premise, employee, vendor, human, or machine.
- Ease of deployment and scalability – our customers make leaps in risk reduction and operational/administrative improvements, fast.
- Superb account discovery that helps illuminate shadow IT and bring all privileged assets and privileges under control.
- Privilege elevation and delegation (PEDM) features and platform breadth. We believe our PEDM product, called Endpoint Privilege Management, is unparalleled in the space for enforcing least privilege and implementing advanced application control capabilities, such as the Trusted Application Protection capability, which can even protect against fileless attacks. Our product also provides file integrity monitoring for Unix and Linux environments.
- Mature, secure remote access capabilities for supporting internal and third-party users, and locking down access to sensitive assets, such as cloud/DevOps/virtual control planes and other applications.
- Robust out-of-the-box and customizable analytics and reporting.
- Flexible deployment options – choose cloud, hybrid, or on-prem—we support what works best for each of our customers! Many PAM providers offer cloud or on-prem products only.
- A true, integrated PAM platform, with the ability to unlock powerful synergies when multiple BeyondTrust products/solutions are deployed.
- A clear roadmap of PAM innovations
The PAM Magic Quadrant: Today & Beyond
While the Gartner Magic Quadrant offers independent, expert-researched snapshots of the vendor market and PAM landscape, BeyondTrust’s innovation is continuous and relentless. Since the report’s March 2021 product release cut-off date, BeyondTrust has announced several significant product releases, including:
- Cloud Privilege Broker: New solution in CIEM (Cloud Infrastructure Entitlement Management) centralizes visualization and management of entitlements, enabling IT and security teams to apply consistent policies across multicloud environments.
- DevOps Secrets Safe 21.1: Latest version adds integrations and enhances just-in-time access controls, enabling service accounts to be automatically removed from the cloud infrastructure when a ‘time-to-live’ duration is reached, significantly reducing a potential attack vector.
- Password Safe 21.1: New version extends and simplifies privileged credential management to more platforms and offers enhanced integration with BeyondTrust Privilege Management for Windows and Mac.
- Privilege Management for Windows & Mac Cloud 21.5: Latest cloud-based version of the product provides an integration with ServiceNow to streamline workflows for IT-related tickets and privilege elevation requests. This release also enhances reputation-based analytics to further boost malware protection.
- Privileged Remote Access Version 21.1: Latest version delivers a number of improvements, including simplified vendor onboarding features, credential vault enhancements, Raspberry PI capabilities, and extended unattended support use cases, and more.
In addition, BeyondTrust continues to rack up important certifications, demonstrating how our solution and organization go above and beyond.
- ISO 27701 Certification: On June 3rd, 2021, BeyondTrust announced successful completion of the International Organization for Standardization (ISO) 27701 certification for our entire product portfolio for both on-premises and cloud products. Just seven months after achieving ISO 27001 certification, this additional certification demonstrates BeyondTrust’s ongoing commitment to ensure customer data is safe from the most sophisticated methods of intrusion.
- Remote Access Solutions Awarded Level 1 FIPS 140-2 Validation: On April 14th, BeyondTrust announced it had been awarded Level 1 Federal Information Processing Standards (FIPS) 140-2 validation for its Privileged Remote Access product. BeyondTrust now has FIPS 140-2 Level 1 validation for both of our Secure Remote Access solutions, Privileged Remote Access for the first time and renewed validation for Remote Support. BeyondTrust has the only Secure Remote Access solution that meet the rigorous requirements of FIPS 140-2 Level 1, a substantive differentiator in a world that is increasingly moving to hybrid or remote-first workforces.
2021 has been another highly disruptive year, yet BeyondTrust solutions are experiencing record demand to keep our world’s businesses and economies running. We have helped thousands of companies securely adjust to the new priorities and dynamic, shifting work environment since the start of the pandemic.
BeyondTrust PAM solutions work in an integrated way to unify control over your entire privilege universe and drastically reduce your attack surface. We believe our ability to secure every privileged user (human, machine, vendor, employee), asset, and session via our PAM platform poises us as the best PAM solutions provider to partner with as organizations navigate the new normal, and the multiplying planes of privileges.
If you have more specific questions about BeyondTrust, or want to start evaluating our solutions, contact us here.
Gartner, Magic Quadrant for Privileged Access Management, Felix Gaehtgens, Abhyuday Data, Michael Kelley, Swati Rakheja, 19 July 2021
Gartner, Critical Capabilities for Privileged Access Management, Michael Kelley, Felix Gaehtgens, Abhyuday Data, 16 July 2021
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner and Magic Quadrant are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Matt Miller, Director, Content Marketing
Matt Miller is Director, Content Marketing at BeyondTrust. Prior to BeyondTrust, he developed and executed marketing strategies on cybersecurity, cloud technologies, and data governance in roles at Accelerite (a business unit of Persistent Systems), WatchGuard Technologies, and Microsoft. Earlier in his career Matt held various roles in IR, marketing, and corporate communications in the biotech / biopharmaceutical industry. His experience and interests traverse cybersecurity, cloud / virtualization, IoT, economics, information governance, and risk management. He is also an avid homebrewer (working toward his Black Belt in beer) and writer.