BeyondTrust continues to progress in optimizing and streamlining endpoint security controls. Our latest release of Privilege Management for Windows and Mac delivers new support in BeyondInsight, BeyondTrust’s comprehensive privileged access management (PAM) platform. The release features the integration of a new Policy Editor and Azure AD, as well as numerous other enhancements for Privilege Management Cloud, including updates to the Management API, the OpenID Configurator, and MFA suppression, to name a few.
What does this release mean for Privilege Management for Windows & Mac customers utilizing BeyondInsight?
- More efficient and streamlined workflows between endpoints
- Faster policy implementation
- Improved access controls and auditing
The BeyondInsight platform was designed to maximize visibility and control over privileged access activity to better secure endpoints.
For more details about Privilege Management for Windows & Mac version 22.1, please see the release notes here, check out our What’s New document here, or read on for more highlights from this release.
Highlights - Privilege Management for Windows & Mac Utilizing BeyondInsight
New Policy Editor for BeyondInsight
For customers using BeyondInsight 22.1, we have upgraded the interface that matches the Cloud experience with our new Policy Editor. This provides a vastly improved user experience, making policy management faster, easier, and more intuitive.
Azure AD Filtering in BeyondInsight
Now, Privilege Management for Windows & Mac customers who use BeyondInsight can leverage Azure Active Directory groups to apply filters and rules.
Highlights - Privilege Management for Windows & Mac Cloud
Updated Management API
Release 22.1 of Privilege Management for Windows & Mac includes and updated Management API. The Privilege Management Cloud (PM Cloud) Management API serves as a method for customers to interact with PM Cloud in their own custom applications, as a user would through the Portal front-end.
Updates to Policy in this release include:
- Retrieve Policy
- Retrieve Policy Detail
- Update Policy Properties
- Assign Policy to Group
- Remove Policy from Group
- Deploy Policy to List of Computers
- Download Policy Revision
- Delete Policy
- Revert and Discard Policy Changes
Updates to Endpoints in this release include:
- Retrieve User List
- Retrieve Role List
- Retrieve User
- Retrieve Role
- Create User
- Update User
- Disable User
- Resend Email Invite
MFA Suppression
The need for an end user to confirm their identity using an MFA token can now be suppressed for a specified period. This helps with customers who regularly need to perform multiple, repeated, elevated actions, allowing them to avoid what has been described as "token fatigue."
Updates for OpenID Configurator
Users can now:
- Use the PM Cloud Portal to migrate from Microsoft B2B authentication to OIDC authentication.
- Use the PM Cloud Portal to change their OIDC information, like Client Adapter, which often has password expiry rules in play.
Other Enhancements
- Removal of Log4j
- Support for OAuth in Privilege Management for Mac
- Allow authorization of Console.app on MacOS
- Link from Client & Adaptor Summary to Computers Grid
- Web Policy Editor:
- Updated messaging in Web Policy Editor
- Allow users to search for applications within application groups Allow advanced agent configurations
About BeyondTrust Privilege Management for Windows & Mac
BeyondTrust Privilege Management for Windows & Mac pairs powerful least privilege management and pragmatic application control capabilities, delivering fast, unmatched, preventative endpoint security. Grant the right privilege to the right application – not user – only when needed and create a single audit trail.
Some benefits and key differentiators for BeyondTrust Privilege Management for Windows & Mac include:
- QuickStart Templates: Implement least privilege policies in days with flexible, out-of-the-box workstyle templates.
- Trusted Application Protection: Stop attacks involving trusted applications and catch bad scripts and infected email attachments. Immediately stop trojan horses, fileless attacks, and more with pre-built templates.
- Pragmatic Application Control: Get control over what users can install or run back into the safe hands of IT, with automated exception handling. This helps eliminate malware and ransomware threats.
- Privilege Elevation: Perform privilege elevation when an end user requests permissions outside of their policies—without the need for privileged or administrator credentials.
- Out-of-the box integrations: Integrate Privilege Management for Windows and Mac with your other solutions, including ServiceNow, VirusTotal, and Multi-Factor authentication providers. (Visit our integrations page here).
- Open Integrations Framework: Utilize PowerShell scripts with Power Rules to automate workflows, create custom behaviors, or build integrations with ITSM solutions and other tools.
- Enterprise Auditing and Reporting: Provide a single audit trail of all user activity to streamline forensics and simplify compliance, using graphical dashboards and reports for quick access.
Learn more about Privilege Management for Windows and Mac, or view a demo here:
Lindsay Marsh, Senior Product Marketing Manager
Lindsay Marsh is a Senior Product Marketing Manager at BeyondTrust, focusing on Endpoint Privilege Management since 2015. She has over 20 years of experience in IT and cybersecurity. She holds a BA in Business Administration/Marketing from the University of Phoenix. She can be found on LinkedIn and Twitter.