BeyondTrust Privileged Remote Access 25.3: Secure Database Access & Automation

Bridging Credential Management and Secure Privileged Remote Access

The pressure to secure privileged remote access has never been greater. Modern IT and security teams are entering 2026 facing a paradox: they must provide faster, more granular access to a fragmenting landscape of servers, databases, and operational technology (OT) environments

Balancing operational speed with control remains the core challenge. IT and security teams must enable fast, seamless access to servers, databases, cloud infrastructure, applications, and industrial systems, while enforcing strong controls and complete auditability. How do you empower teams to work securely and fluidly across cloud and industrial systems without creating manual bottlenecks or security gaps?

Privileged Remote Access (PRA) 25.3 continues BeyondTrust’s commitment to secure access that adapts to the scale of your infrastructure. This release addresses architectural friction head-on, delivering practical innovations that simplify cloud and database workflows, strengthen automation around credential hygiene, and reduce deployment complexity. Whether you manage enterprise IT, cloud infrastructure, or industrial environments requiring OT security solutions, PRA 25.3 helps you move faster and more securely in the year ahead.

Read on for the highlights, or click here to view the full release notes for detailed technical updates.

3 Key Enhancements in Privileged Remote Access 25.3 for Secure Access at Scale

1. Automated Import of Password Safe–Managed Credentials and Endpoints

Privileged Remote Access 25.3 makes it easier for your teams to keep credential and endpoint inventories accurate without repetitive manual work. With new automated Import Rules, administrators can proactively bring in discovered accounts and endpoints, ensuring your access environment always reflects your current infrastructure.

Import Rules allow you to:

Auto-import domain, local, BeyondTrust Password Safe, and AWS accounts, as well as discovered endpoints
Apply string and numeric filters (e.g., name, description, password age, etc.)
Auto-assign accounts to the correct Account Group
Optionally create RDP Jump Items and assign endpoints to Jump Groups
Retain discovery results available for manual review
Receive email notifications after each scheduled discovery run

Why it matters: This automation reduces administrative effort, improves visibility, and ensures your access environment always reflects the latest changes.

2. Simplified Password Safe Integration Without ECM Dependencies

Release 25.3 strengthens the integration between Privileged Remote Access and BeyondTrust Password Safe, giving teams a more streamlined and consistent way to manage and inject credentials. Your teams can now connect directly, reducing deployment complexity and making upgrades faster and smoother.

Privileged Remote Access now natively supports discovery and imports for:

SSH
WebJump
SQL (Microsoft SQL, PostgreSQL, MySQL)
Kubernetes

Why it matters: This support reduces infrastructure overhead, simplifies upgrades, and supports modern, zero trust–aligned access workflows.

3. Full Credential Injection for Secure SQL Protocol Tunnels

PRA 25.3 now allows teams to use Password Safe–managed credentials directly within Protocol Tunnel sessions, ensuring database access security, while keeping workflows seamless and secure.

Protocol Tunnels now offer:

Credential injection using Password Safe for SQL, Postgres, and MySQL
Consistent workflows across all supported database types
Stronger least privilege enforcement for database operations
Seamless governance across cloud, on-prem, and containerized environments

Why it matters: This improvement provides a seamless, unified approach to credential management, allowing database teams to work efficiently and stay compliant across all environments.

How to Strengthen Privileged Access Security with Privileged Remote Access 25.3

PRA 25.3 introduces more automation and tighter integrations, but the real security gains come from how those capabilities are applied. Follow these practical recommendations to help translate our newest features into measurable risk reduction

1) Patch Smart – Keep Your Environment Current Without Disruption

PRA 25.3 is designed to reduce the operational friction that often delays patching. With the latest updated delivered automatically, you can ensure your access infrastructure seamlessly stays aligned with the latest security improvements, reducing risk of exposure from outdated components.

For teams that require tighter change control, update behavior can be tailored using defined maintenance windows, allowing security teams to stay current without interrupting critical operations.

2) Centralize and Govern Credential Use

Credentials do not need to be scattered across tools or handled manually. The built-in BeyondTrust Vault centralizes credential discovery, rotation, and injection, reducing exposure, while improving auditability.

Where possible, pair this with federated authentication using SAML or other external identity providers, and regularly review privileged accounts to remove unused access and rotate credentials before they become a liability.

3) Enforce Least Privilege Access at the Session Level

PRA 25.3 makes it easier to apply least privilege access with precision by setting strict session and group policies that limit users to only what’s required for their role. Limiting privileges at the session level reduces the blast radius, without slowing productivity.

Before rolling out new policies, teams can validate their impact using the Session Policy Simulator, helping avoid misconfigurations, while maintaining strong access controls.

Why Privileged Remote Access 25.3 Matters for Modern Security Teams

The updates in Privileged Remote Access 25.3 reflect BeyondTrust’s long-term commitment to helping organizations secure access everywhere—from the cloud to the factory floor. By eliminating architectural friction, automating credential hygiene, and strengthening access for high-value database workflows, this release helps organizations deliver secure remote access across cloud, OT, and database environments.

Already a customer? Upgrading ensures you are on the most secure and stable version available. Upgrade now to benefit from the latest security and performance advancements.
Exploring BeyondTrust Privileged Remote Access for the first time? Click here to see Privileged Remote Access in action.

Support & Resources 

Need help with your upgrade or have technical questions?

FAQs

Privileged Remote Access 25.3 introduces automated credential imports from Password Safe, simplified integrations without ECM dependencies, and full credential injection for SQL protocol tunnels to improve secure remote access at scale.

Privileged Remote Access 25.3 enables credential injection for SQL, PostgreSQL, and MySQL protocol tunnels using Password Safe–managed credentials, ensuring secure, audited, and least-privilege database access across cloud and on-prem environments.

Credential injection allows users to access systems without ever seeing or handling passwords, reducing credential exposure, while supporting zero trust and least privilege access controls.

Privileged Remote Access 25.3 connects directly with Password Safe to discover, import, and inject credentials without ECM dependencies, simplifying deployment and ongoing management.

Organizations managing privileged access to servers, databases, cloud infrastructure, or OT environments should upgrade to benefit from improved automation, reduced architectural complexity, and stronger credential security.

About the Author

Madhu Adireddi

Director, Product Management

Madhu is a Director of Product Management for Privileged Remote Access at BeyondTrust, bringing more than 15 years of experience developing enterprise-grade security and cloud infrastructure products, such as SIEM, GRC, and DLP. She is deeply passionate about turning complex technical challenges into intuitive, scalable, and secure solutions that deliver real value to customers. She is based in North Carolina.

Gayatri Karthy

Product Marketing Manager

Gayatri is a Product Marketing Manager at BeyondTrust for Privileged Remote Access. Prior to joining BeyondTrust, she worked across marketing functions, including channel marketing, customer marketing, and product marketing across large multinational corporations and smaller, agile companies. Gayatri currently lives in SF and enjoys traveling, practicing yoga, and watching horror movies in her free time.