BeyondTrust PRA 26.1.1: Secure DB Access & Realtime Monitoring

Secure Access That Keeps Pace with Modern Workloads

IT and OT environments are evolving rapidly, and teams require secure, responsive access that keeps pace. BeyondTrust Privileged Remote Access (PRA) 26.1.1 delivers on that need with innovations that improve database access, boost session performance, and give administrators real-time insight into endpoint activity, all while keeping credential management seamless and aligned with zero trust principles.

Read on for the highlights, or click here to view the complete release notes for detailed technical updates.

Key Enhancements in Privileged Remote Access 26.1.1

1. MongoDB Protocol Proxy with Credential Injection

Before: Accessing MongoDB was often unmanaged, with exposed credentials and limited visibility into user activity.

Now: Privileged Remote Access securely proxies MongoDB connections, injects credentials automatically, and logs all queries without ever exposing passwords.

What this changes operationally: Database access has historically been a blind spot, with credentials shared informally and activity rarely tied back to a specific user. By proxying connections and injecting credentials automatically, Privileged Remote Access removes the need for users to ever handle secrets directly.

In practice, teams get full visibility and control over database access within a secure, auditable workflow. This means every query is attributable, auditable, and governed without changing how teams work, closing a long-standing gap between database access and zero trust enforcement.

2. Endpoint Audio Streaming During Sessions

Before: Remote sessions relied solely on visuals, making it hard to detect issues in systems where sound is a critical indicator of performance or failure.

Now: Privileged Remote Access streams real-time audio directly from devices during a session.

What this changes operationally: In many environments—especially in operational technology (OT) environments—failure isn’t always visible. A machine can sound wrong long before dashboards reflect an issue. Without audio, remote sessions force admins to diagnose problems with incomplete signals.

Streaming real-time audio restores that missing layer of context for admins, helping teams detect and troubleshoot issues earlier and reduce mean time to resolution when seconds matter.

3. FIDO2 Authentication as a 2FA Method

Before: FIDO2 was mainly used for login, leaving sensitive sessions less protected.

Now: Privileged Remote Access supports FIDO2 as a second factor and allows per-session MFA in Asset Policies.

What this changes operationally: Authentication at login is no longer enough. Attackers increasingly wait until after access is granted to escalate privileges or hijack sessions.

By enforcing FIDO2 at the moment access is initiated, Privileged Remote Access shifts strong, phishing-resistant authentication to where it’s needed—closer to the point of risk—reducing the likelihood of session-based attacks without creating friction by forcing users through constant reauthentication.

4. RDS Broker Support

Before: RDS-brokered RDP sessions were tricky to manage through centralized access controls.

Now: Privileged Remote Access fully supports RDP sessions that use an RDS broker.

What this changes operationally: RDS environments often introduce complexity that breaks centralized control: sessions are brokered dynamically, making it harder to enforce consistent policies or maintain visibility.

With native RDS broker support, organizations can apply the same access controls, monitoring, and auditability across these complex remote desktop environments, eliminating a common gap where privileged access can become fragmented and harder to govern while keeping them simple and reliable for users.

5. Granular/login Admin Permissions (RBAC)

Before: Tasks like resetting passwords or managing MFA often require full admin rights, increasing risk.

Now: Privileged Remote Access allows delegated users to handle these tasks with specific permissions.

What this changes operationally: Overprivileged admin roles are often a byproduct of convenience. Teams grant broad access because it’s the fastest way to get work done, but this creates standing risk that’s difficult to justify or audit.

Granular permissions let organizations keep routine operations distributed, fast, and efficient without expanding the attack surface, reducing unnecessary privileges and enabling least privilege in practice—not just in policy.

A Shift in How Privilege is Secured

Across these updates, a clear pattern emerges: privileged access is no longer just about controlling who logs in, but understanding and governing what happens during access (from database queries to session context, to authentication timing).

This shift reflects how attacks actually unfold today, and why visibility, control, and enforcement need to happen continuously—not just at the point of entry.

From Access Control to Continuous Oversight: Why Privileged Remote Access 26.1.1 Matters

BeyondTrust Privileged Remote Access 26.1.1 blends security, automation, and operational flexibility. By expanding protocol support, improving session reliability, and enabling real-time device monitoring, organizations can secure access, enforce compliance, and gain operational visibility without slowing users down. Together, these capabilities reflect a broader shift toward continuous, context-aware control over privileged access—helping organizations secure not just identities, but the actions and pathways that define real risk.

Existing customers should upgrade to take advantage of the latest database coverage, session performance, and RDS broker features. New organizations evaluating PRA can see how 26.1.1 strengthens secure, zero trust–aligned privileged access across IT, OT, and CloudOps environments.

Already a customer? Upgrading ensures you are on the most secure and stable version available. Upgrade now to benefit from the latest security and performance advancements.

Exploring BeyondTrust Privileged Remote Access for the first time? Click here to see Privileged Remote Access in action.

Support & Resources 

Need help with your upgrade or have technical questions?

FAQs

Privileged Remote Access 26.1 adds a MongoDB protocol proxy with credential injection, endpoint audio streaming, FIDO2 support for per-session MFA, RDS broker support, and more granular admin permissions. These updates expand protocol coverage, improve session performance, and give real-time insight into devices all within a secure, zero trust workflow.

The MongoDB protocol proxy injects credentials securely, so users never see passwords. Teams can log all queries, enforce governance, and integrate MongoDB into existing workflows, enabling least-privilege, auditable database access.

Admins can hear sounds from supported devices during sessions, adding critical context for troubleshooting, monitoring, and operational decision-making especially in OT or other sound-sensitive systems.

Privileged Remote Access now supports FIDO2 for per-session MFA in Jump Policies, extending phishing-resistant authentication beyond login. This ensures strong, zero trust security at the moment access is granted.

Any organization managing privileged access to databases, servers, cloud platforms, or OT environments should upgrade to benefit from expanded protocol support, RDS broker integration, improved session performance, endpoint audio monitoring, and safer, more granular admin controls.

About the Author

Madhu Adireddi

Director, Product Management

Madhu is a Director of Product Management for Privileged Remote Access at BeyondTrust, bringing more than 15 years of experience developing enterprise-grade security and cloud infrastructure products, such as SIEM, GRC, and DLP. She is deeply passionate about turning complex technical challenges into intuitive, scalable, and secure solutions that deliver real value to customers. She is based in North Carolina.

Gayatri Karthy

Product Marketing Manager

Gayatri is a Product Marketing Manager at BeyondTrust for Privileged Remote Access. Prior to joining BeyondTrust, she worked across marketing functions, including channel marketing, customer marketing, and product marketing across large multinational corporations and smaller, agile companies. Gayatri currently lives in SF and enjoys traveling, practicing yoga, and watching horror movies in her free time.