Privileged Access Management
Content of Figures
- Figure 1 The PAM market is seeing dynamic growth as vendors seek to add better functionality to meet security challenges and more players enter the market.
- Figure 2 Advanced PAM elements. As the market demands have developed vendors have added more functionality to their solutions.
- Figure 3 The Overall Leadership rating for the PAM market segment
- Figure 4 Product Leaders in the PAM market segment
- Figure 5 Innovation Leaders in the PAM market segment
- Figure 6 Market Leaders in the PAM market segment
- Figure 7 The Market/Product Matrix.
- Figure 8 The Product/Innovation Matrix.
- Figure 9 The Innovation/Market Matrix
1 Introduction
This report is an overview of the market for Privilege Access Management (PAM) solutions and provides a compass to help buyers find the solution that ...
Login Get full Access1.1 Market segment
Privileged Access Management (PAM) solutions are critical cybersecurity controls that address the security risks associated with the use of privileged ...
With the attack surface expanding and the number of attacks increasing every year, an integrated and more comprehensive PAM solution is required – o ...
Login Get full Access1.2 Delivery models
This Leadership Compass is focused on PAM products that are offered in on-premises deployable form as an appliance or virtual appliance, in the cloud ...
Login Get full Access1.3 Required capabilities
In this Leadership Compass, we focus on solutions that help organizations reduce the risks associated with privileged access, through individual or sh ...
At KuppingerCole, we classify the Privileged Access Management (PAM) market into the following key technology functions with PAM vendors providing var ...
Login Get full Access1.3.1 Privileged Account Data Lifecycle Management (PADLM)
The usage of privileged accounts must be governed as well as secured. The PADLM function serves as a tool to monitor the usage of privilege accounts o ...
Login Get full Access1.3.2 Shared Account Password Management (SAPM)
Best practice demands that organizations switch to single identity privileged accounts, but shared privileged accounts still exist in many organizatio ...
Login Get full Access1.3.3 Application to Application Password Management (AAPM)
Part of digital transformation is the communication between machines and applications to other applications and database servers to get business-relat ...
Login Get full Access1.3.4 Controlled Privilege Elevation and Delegation Management (CPEDM)
This is another increasingly important function related to the fluid and fast changing needs of digital organizations. As the name suggests it allows ...
Login Get full Access1.3.5 Endpoint Privilege Management (EPM)
EPM offers capabilities to manage threats associated with local administrative rights on laptops, tablets, smartphones or other endpoints. EPM tools e ...
Login Get full Access1.3.6 Session Recording and Monitoring (SRM)
Session Recording and Monitoring offers basic auditing and monitoring of privileged activities. SRM tools can also offer authentication, authorization ...
Login Get full Access1.3.7 Just in Time (JIT)
Just-in-time (JIT) privileged access management can help drastically condense the privileged threat surface and reduce risk enterprise-wide by grantin ...
Login Get full Access1.3.8 Privileged Single Sign-On (SSO)
Single sign-on is a user authentication system that permits a user to apply one set of login credentials (i.e. username and password) to access multip ...
Login Get full Access1.3.9 Privileged User Behaviour Analytics (PUBA)
PUBA uses data analytic techniques, some assisted by machine learning tools, to detect threats based on anomalous behaviour against established and qu ...
Login Get full Access1.4 Other advanced features
PAM should accommodate the presence of a multitude of privileged users within an organization which includes temp workers, contractors, partner organi ...
Login Get full Access2 Leadership
Selecting a vendor of a product or service must not be only based on the comparison provided by a KuppingerCole Leadership Compass. The Leadership Com ...
The PAM market is highly dynamic, and there have been a few changes in our Overall Leaders and Challengers for 2020. We had more vendors join the full ...
Product Leadership is the first specific category examined below. This view is mainly based on the analysis of product/service features and the overal ...
Again, CyberArk is rated as the leading vendor, followed by BeyondTrust and Thycotic with a hair’s breadth between them. While the three have some d ...
Next, we examine innovation in the marketplace. Innovation is, from our perspective, a key capability in all IT market segments. Customers require inn ...
The pacing in innovation has changed with five companies vying at the top of the innovation space, reflecting the growing awareness of the importance ...
Finally, we analyze Market Leadership. This is an amalgamation of the number of customers, number of managed identities, ratio between customers and m ...
In this section there are few surprises as the biggest longest-serving companies tend to dominate although even here there is some flux with a flatten ...
Login Get full Access3 Correlated view
While the Leadership charts identify leading vendors in certain categories, many customers are looking not only for a product leader, but for a vendor ...
Login Get full Access3.1 The Market/Product Matrix
The first of these correlated views contrasts Product Leadership and Market Leadership. This is where we see a more granular breakdown of the results ...
Vendors below the line have a weaker market position than expected according to their product maturity. Vendors above the line are sort of “overperf ...
Login Get full Access3.2 The Product/Innovation Matrix
This view shows how Product Leadership and Innovation Leadership are correlated. It is not surprising that there is a pretty good correlation between ...
Vendors below the line are more innovative, vendors above the line are, compared to the current Product Leadership positioning, less innovative.
In ...
Login Get full Access3.3 The Innovation/Market Matrix
The third matrix shows how Innovation Leadership and Market Leadership are related. Some vendors might perform well in the market without being Innova ...
Vendors above the line are performing well in the market compared to their relatively weak position in the Innovation Leadership rating; while vendors ...
Login Get full Access4 Products and vendors at a glance
This section provides an overview of the various products we have analyzed within this KuppingerCole Leadership Compass on PAM. This overview goes int ...
Login Get full Access4.1 Ratings at a glance
Based on our evaluation, a comparative overview of the ratings of all the products covered in this document is shown in Table 1.
Login Get full AccessIn addition, we provide in Table 2 an overview which also contains four additional ratings for the vendor, going beyond the product view provided in t ...
Login Get full Access5 Product/service evaluation
This section contains a quick rating for every product/service we’ve included in this KuppingerCole Leadership Compass document. For many of the pro ...
Login Get full Access5.1 ARCON
Founded in 2006 and based in Mumbai (India), ARCON offers its Privilege Account Management Suite to manage privileged access across various delivery m ...
Login Get full Access5.2 BeyondTrust
After acquiring Avecto, Lieberman software and BeyondTrust, Bomgar decided to merge the businesses and keep the BeyondTrust brand for the new entity. ...
Login Get full Access5.3 Broadcom Inc.
A new name in the PAM Leadership Compass but the presence of the US chip manufacturing giant is explained by its acquisitions of CA Technologies and s ...
Login Get full Access5.4 Centrify
Based in the US, Centrify offers several PAM modules as part of an overall suite which includes privilege access, authentication, privilege elevation ...
Login Get full Access5.5 CyberArk
Headquartered in Israel and the US, CyberArk is one of the more mature providers of PAM solutions having been in the market since 1999. It has continu ...
Login Get full Access5.6 Devolutions
Founded in 2010, Canadian firm Devolutions started out by providing remote access solutions to SMBs. It has since added PAM solutions to its portfolio ...
Login Get full Access5.7 EmpowerID
Based in Ohio (US), EmpowerID offers several products within its broader IAM portfolio, of which EmpowerID Privileged Access Management (PAM) is its r ...
Login Get full Access5.8 Fudo Security
FUDO Security, with offices in California and Poland was founded in 2012. It offers FUDO PAM as its primary PAM product in the market. FUDO Security h ...
Login Get full Access5.9 Hitachi ID Systems
Hitachi ID, headquartered in Canada, is a global IAM software provider that originated as MTech Information Technology and acquired by Hitachi in 2008 ...
Login Get full Access5.10 Krontech
Based in Turkey, Krontech is the technology arm of Kron, a telco firm publicly listed on the Istanbul stock exchange. Krontech offers its Single Conne ...
Login Get full Access5.11 ManageEngine
Headquartered in Pleasanton, US, ManageEngine is a part of the India-based Zoho Corporation founded in 1996. PAM360 is the company’s main offering t ...
Login Get full Access5.12 Micro Focus
UK based Micro Focus has seen some tribulations in recent years following the not so smooth acquisition of HPE’s former software assets. The company ...
Login Get full Access5.13 One Identity
California-based One Identity, which specializes in IAM solutions also offers a good range of products that fulfill the fundamentals of PAM. It provid ...
Login Get full Access5.14 OnionID
Onion ID which has offices in the US and India specializes in PAM solutions for cloud applications, servers, hosted databases, containers, APIs, and s ...
Login Get full Access5.15 Osirium
Based in the UK, Osirium offers a range of Privileged Access solutions. This includes basic PAM that includes session management, task management and ...
Login Get full Access5.16 Remediant
Based in San Francisco, Remediant is a single product PAM company founded in 2013. Its SecureONE product uses agent-less and vault-less technology at ...
Login Get full Access5.17 Sectona
Founded in 2017, Mumbai (India) based Sectona is one of the youngest of PAM market entrants and sells Spectra PAM as its PAM solution. Sectona is fund ...
Login Get full Access5.18 Senhasegura
Based in São Paulo, Brazil, MT4 Networks produces Senhasegura as its flagship PAM product. Comprised of multiple modules, Senhasegura offers comprehe ...
Login Get full Access5.19 SSH Communications Security
Based in Helsinki, Finland, SSH.COM offers PrivX as its primary product in the PAM market. PrivX is a relatively new offering in the market by SSH.COM ...
Login Get full Access5.20 STEALTHbits Technologies
Founded 2002, in Stealthbits is a US based company that offers several solutions designed to help organizations meet their GRC obligations. Part of th ...
Login Get full Access5.21 Systancia
France based Systancia has several workplace and application virtualization tools. As part of this it offers the Cleanroom platform, which it develope ...
Login Get full Access5.22 Thycotic (OEMed by IBM)
Based in Washington D.C. (US), Thycotic offers the Secret Server platform as its primary PAM. Secret Server is known for its comprehensiveness, ease o ...
Login Get full Access5.23 WALLIX
Based in France, WALLIX provides WALLIX Bastion as its primary PAM product in the market. At the core of Bastion is password management, session manag ...
Login Get full Access5.24 Xton Technologies
Founded in 2017 and based in the US, XTON Technologies offers its XTON Access Manager (XTAM) platform to enterprise customers with a strong emphasis o ...
Login Get full Access6 Vendors and Market Segments to watch
Aside from the vendors covered in detail in this Leadership Compass document, we also observe other vendors in the market that we find interesting. So ...
Login Get full Access6.1 Deep Identity
Based in Singapore, Deep Identity is a regional provider of Identity Management software, offering Deep PIM as its primary PAM product which is essent ...
Login Get full Access6.2 HashiCorp Vault
San Francisco (US) based HashiCorp is a provider of application development and delivery management software for datacenters. Built on an open source ...
Login Get full Access6.3 Identity Automation
Houston (US) based Identity Automation is an IAM solution provider that offers RapidIdentity Privileged Access Management as its PAM product in the ma ...
Login Get full Access6.4 IRaje
India based IRaje offers Privileged Identity Manager (PIM) as a complete PAM solution with a compelling feature set and the flexibility to customize a ...
Login Get full Access6.5 NRI Secure Technologies
Japan based NRI Secure Technologies offers SecureCube Access Check primarily providing Privileged Session Management (PSM) capabilities. Operating in ...
Login Get full Access6.6 ObserveIT
ObserveIT provides a comprehensive agent based PSM platform that is deployable and scalable across a variety of IT systems. Offers detailed user behav ...
Login Get full Access6.7 Saviynt
Saviynt is a US based company founded in 2010 that specializes in IGA and Identity solutions. It has recently entered the PAM market with a new cloud ...
Login Get full Access6.8 Venafi
US based Venafi offers TrustAuthority, a machine identity protection platform that also offers extensive SSH key management for securing privileged ac ...
Login Get full Access7 Related Research
Advisory Note: Trends in Privileged Access Management for the Digital Enterprise –71273Architecture Blueprint: Access Governance and Privilege Management – 79045
Blog: PAM Can Reduce Risk of Compliance Failure but is Part of a Bigger Picture
Blog: Privileged Access Management Can Take on AI-Powered Malware to Protect
Blog: Taking One Step Back: The Road to Real IDaaS and What IAM is Really About
Executive View: BeyondTrust Password Safe – 80067Executive View: CyberArk Privilege Cloud – 80122
Executive View: Devolutions PAM Solution – 80070
Executive View: One Identity Safeguard Suite – 80074
Executive View: Thycotic Privilege Manager – 80004
Executive View: Wallix Bastion – 79053
Executive View: Xton Technologies Access Manager – 80128
Leadership Brief: Privileged Account Management Considerations – 72016
Leadership Compass: Identity Provisioning – 70949
Leadership Compass: Identity Governance & Administration – 71135
Leadership Compass: Privilege Management - 72330
Whitepaper: AI, Machine Learning and Privilege Access Management – 80120
Whitepaper: Privileged Access Requirements for Small to Medium Size Businesses (SMB) – 80123
Whitepaper: Understanding Privilege Access Management – 80302