PowerBroker for Unix & Linux

Server Privilege Management and Session Management

Protect privileged accounts, prevent and contain breaches, and achieve compliance on Unix & Linux systems. PowerBroker enables you to eliminate credential sharing, limit root access, and ensure accountability – without hurting productivity.

Comprehensive Unix & Linux Privilege and Session Management to Protect Your Most Critical Systems

It’s no secret that Unix and Linux systems present high-value targets for external attackers and malicious insiders alike. You can expect to be breached if you share credentials, provide unfettered root access, or let files and sessions go unmonitored. Gaining root or other privileged credentials makes it easy for attackers to fly under the radar and access sensitive systems and data. And the risk only increases as attack surfaces expand, perimeters vanish, attackers get smarter, and compliance pressures mount.

PowerBroker for Unix & Linux is an enterprise-class, gold-standard privilege management solution that helps security and IT organizations achieve compliance, control privileged access, and prevent and contain breaches that can effect Unix and Linux systems.

  • Monitor and audit sessions for unauthorized access, changes to files and directories, and compliance
  • Reduce attack surfaces by eliminating credential sharing, enforcing least privilege, and elevating commands without requiring users to have root access
  • Analyze behavior to detect suspicious user, account and asset activity
  • Centralize management, policy and reporting

With over 30 years of experience in server privilege management, BeyondTrust knows what it takes to protect your critical, tier-1 systems, and help you reduce risk and achieve compliance.


Auditing & Governance

Auditing & Governance

Analyzes user behavior by collecting, securely storing and indexing keystroke logs, session recordings and other privileged events.

Fine-Grained Least Privilege

Fine-Grained Least Privilege

Elevate privileges for standard users on Unix and Linux through fine-grained, policy-based controls.

Dynamic Access Policy

Dynamic Access Policy

Utilize factors such as time, day, location and application/asset vulnerability status to make privilege elevation decisions.

Remote System & Application Control

Remote System & Application Control

Enable users to run specific commands and conduct sessions remotely based on rules without logging on as admin or root.

File & Policy Integrity Monitoring

File & Policy Integrity Monitoring

Audit and report on changes to critical policy, system, application and data files.

Privileged Threat Analytics

Privileged Threat Analytics

Correlate user behavior against asset vulnerability data and security intelligence from best-of-breed security solutions.


Speed forensics and simplify compliance by providing an unimpeachable audit trail of all user activity

Enable compliance through the compartmentalization of IT tasks that require privileged accounts

Reduce risk by ensuring that critical files and policies have not been tampered with


Limit attack surfaces by providing just enough access to complete a task, and preventing the use of the root account

Keep systems safe by only allowing approved applications and commands to be executed

Reduce attack surfaces by helping IT make privilege decisions based on context and risk

Protect critical files from malware and privilege misuse

Eliminate workarounds or gaps that could lead to exploits

Reduce the risk that user activity can lead to a potentially damaging data breach


Enhance user productivity by simplifying processes that are complex with native tools or sudo

Simplify management, and speed deployments and upgrades

Reducing Insider Risks with PowerBroker for Unix & Linux Servers

1 Remove the Need to Login as Root

PowerBroker for Unix & Linux implements a true least privilege delegation model, allowing users to run any command at a higher privilege level so long as allowed by the centralized policy. Removing the need for users to logon as root allows the root user account to have much tighter security controls or be moved to a password management system such as PowerBroker Password Safe.

2 Achieve Compliance for Root

PowerBroker for Unix & Linux allows standard named user accounts to elevate to a root level with full session logging, providing a centralized indelible audit trail and ultimate accountability for each individual system administrator.

3 Make Up for sudo's Shortfalls

PowerBroker for Sudo provides a way to quickly and simply centralize one or more sudoers files. Connecting hosts can be optionally grouped or run in a hybrid of one to one plus grouped hosts, allowing simple and controlled access to specific sudoers files located on one or more centralized servers based on the requesting hosts group membership.

4 Seamlessly Integrate with Password Management

PowerBroker for Unix & Linux integrates seamlessly with PowerBroker Password Safe. This allows you to control both what users can access and what they can do once they have access.