Privilege Management for Windows and Mac: Features

An intelligent, preventative endpoint security approach that stops malware and phishing attacks on Windows & Mac. Watch the demo to learn how it works.

Control Privileges

Depending on the system, privilege assignments to people may be based on attributes that are role-based, such as business unit (marketing, HR, or dev) or other parameters (seniority, time of day, special circumstance, etc.). Additionally, various operating systems provide different default privilege settings for different types of user accounts.

BeyondTrust Privilege Management for Windows and Mac gives users just enough rights to do their job without impacting productivity. With low, medium, and high-flex policies out of the box, you can get your users up and running quickly.

Prevent Cyber Attacks

BeyondTrust’s Privilege Management for Windows & Mac solution is designed to eliminate unnecessary privileges, strictly control privileged access, and provide pragmatic application control to reduce the attack surface.

This solution harnesses a unique, Trusted Application Protection (TAP) feature, which provides an ready-to-deploy policy designed to mitigate common attack techniques and prevent high risk applications like web browsers, PDF viewers, Outlook, and Microsoft Office from being exploited.

Trusted Application Protection uses both privilege management and application control capabilities to prevent high-risk applications from launching custom malware payloads. It also protects high-risk applications from more sophisticated DLL attack techniques, such as DLL injection, hijacking, and malicious DLL plugins.

Rollout Quickly and Easily

Included in Privilege Management for Windows & Mac are QuickStart Templates. These are flexible, ready-to-deploy workstyles that let you start managing admin rights for everyone on Day 1.

BeyondTrust’s built-in policies are based on thousands of deployments across even the most complex organizations. This rapid on-boarding process means you can remove rogue privileges overnight without hindering productivity. SaaS deployments for immediate results are also available.

QuickStart Templates work for all levels of user privilege, from sales and HR to advanced developer teams and sysadmins.

Quick Start Policies

Pre-built workstyle templates cover 80% of use cases

Quick Start Templates are flexible, out-of-the-box workstyles that let you immediately eliminate admin rights for everyone on day 1 without disrupting the business.

Our built-in policies are based on experience thousands of deployments across even the most complex organizations. And they work immediately out-of-the-box. This rapid on-boarding process means you can remove overnight without productivity loss.

Templates work for all users, from the least privileged desktop user to advanced developers and sysadmins.

Our default settings cover 80% of use cases. Exception handling covers the rest. And recorded behavioral data let's you make policy improvements over time for each specific user group.

Trusted Application Protection

Stop Zero Day Threats with Trusted Application Protection

Many cyber attacks target trusted applications. Trusted applications remain a threat even if you've removed admin rights. Attackers can use script-based malware in Office documents and PowerShell to conduct file-less attacks and evade detection.

The pre-built templates within Trusted Applications Protection stop attacks involving trusted apps, catching bad scripts and infected email attachments immediately.

Use it to protect trusted applications such as Word, PowerPoint, Excel, Adobe Reader, common web browsers, and more by controlling their child processes and DLLs.

Application Control

Use challenge-response codes before sysadmins run Registry Editor

An automated whitelist and elegant exception handling give you total control over what users can install or run. Deliver trust-based application whitelisting with a flexible policy engine. You can utilize challenge-response codes for low-flexibility application control, or allow automatic approval, protected by full audit trails, for advanced users.

Our automated whitelist is made up of applications that are allowed through Group Policy, installed by a genuine administrator, or deployed to the machine via the organizations deployment tool, like SCCM or Altiris.

  • Block or allow applications for each group of users
  • Improve compliance by tracking processes, installations, and attempted installations
  • Add applications to policies with simple copy & paste
  • Whitelist applications based on publisher, hash, or other flexible methods

Power Rules

Power Rules let you use PowerShell scripts to automate workflows, create custom behaviors, or build integrations with ServiceNow ITSM and other tools.

Power Rules can help speed decisions on whether to allow an application to run or run elevated by automating the integration of third party intelligence sources.

Enterprise Auditing & Reporting

Provide a single audit trail of all user activity to streamline forensics and simplify compliance. Graphical dashboards and reports with drill-down options provide fast access to as much detail as you need.

In addition to providing an audit trail, reports also make it easy to refine and improve you security policies.

  • Every user, process, and privilege
  • All net-new applications
  • Privileged account protection logs
  • Trusted Application Protection events
  • Custom reports, and more!