USA +1 302 412 1512  |  BR +55 11 3069 3925 

The Competitive Landscape report for PAM

by | Feb 11, 2021 | BLOG

Privileged credentials are spread across the infrastructure of organizations of all sizes and types. Through them, it is possible to take a series of administrative actions, such as significant changes in assets and critical systems as Domain Admin servers or ERP systems. No wonder one can also call them “keys to the kingdom”. 

And ensuring the security of these “keys” and privileged access is not an easy task for those responsible for Information Security. And taking into account the latest news of data leaks, not just IT teams but all organizational leaders are aware of the risks associated with privileged credentials and how such risks are considered to be part of the business strategy. 

It is also worth remembering that, driven by the shift to decentralized models, we saw a boom of cloud-based approaches. For this reason, according to Gartner, more than half of global companies that already use Cloud will adopt a 100% Cloud-based strategy by 2021. In addition, the increase in connected devices as a result of the expansion of IoT, Industry 4.0 (also called Industrial IoT), DevOps, and other digital transformation initiatives has also increased the number of connected devices and privileged credentials. Many of these credentials are not associated with people and are called service accounts. As they are not associated with a user, in most cases, these accounts are not properly managed and monitored by the security teams, which increases the risk of being exploited by malicious attackers.

And for those who think cyberattacks are limited to large organizations, 28% of these attacks were performed against small and medium-sized businesses, according to the Data Breach Investigation Report from 2020. Also, research by the National Cyber Security Alliance has found that 60% of these companies shut down within 6 months after a cyberattack. 

Regarding cyberattacks, some of the biggest and most recent ones involved the lack of proper protection for privileged credentials. The attack on SolarWinds, for example, came to show us the need to ensure the security of these credentials. This is because, by obtaining improper access to the infrastructure through malware, malicious attackers were able to move laterally through the infrastructure via compromised privileged credentials.

Thus, the goal of Privileged Access Management is to assist organizations to protect, control, manage, and monitor privileged access to critical assets. Therefore, by centralizing the management of privileged credentials in one place, a PAM solution is able to ensure the maximum level of security, controlling access and monitoring suspicious activities.

Gartner considers Privileged Access Management so important that it chose this market as the number one security project for two years in a row in its publication Top 10 Security Projects. And to address the Privileged Access Management scenario, Gartner has released the Competitive Landscape: Privileged Access Management report, prepared by its researcher Swati Rakheja. 

And with the increase in PAM adoption, mainly through SaaS deployments, privileged credential management solutions, which were previously limited only to global organizations, are now also reaching small and medium-sized companies. Also according to Gartner’s report, the PAM market will continue to experience great adoption, expecting a compound annual growth (CAGR) of 10.7% between 2020 and 2024, reaching the size of USD 2.9 billion in 2024. 

Considering that PAM use cases are evolving along with the capabilities and functionality of the solutions, and in order to continue to serve this large and promising market, PAM providers must reassess their strategic positioning in the market by offering new features to meet the needs of organizations of all sizes.

Some of the basic functionalities of a PAM solution, according to Gartner, include everything from credential discovery, onboarding, and management through password vaulting and rotation to privileged access governance and recording and auditing capabilities, such as privileged activity logging and reporting.

While small and medium-sized companies are starting their PAM implementations with these basic functionalities, global organizations are including advanced PAM use cases, which cover, for example, Just-in-time, or JIT access. When using JIT approaches, the solution performs access provisioning based on time of use, reducing the attack surface and the risks of attacks that exploit privileged credentials. 

Also, functionalities based on Artificial Intelligence and Machine Learning, Privileged Task Automation, or PTA, and privileged session auditing are also included in the list of advanced PAM functionalities.

Other emerging needs in the PAM market are access management in multi-cloud and DevOps environments, including CI/CD automation and secrets management.

It is important to note that this difference in the use of PAM features also extends to geographic regions: while emerging markets such as Asia-Pacific and Latin America are still implementing basic Privileged Access Management features, more mature markets such as the European and North American already consider and implement more advanced use cases.

Finally, Gartner’s report presents the competitive profile of the main provider within the PAM market, including senhasegura. In this profile, Gartner brings information such as the product or portfolio overview and how the provider competes in the market.

Regarding senhasegura, Gartner highlighted our PAM offer based on the privileged access life-cycle, considering the Before-During-After approach. This life-cycle includes aspects from the discovery of assets, credentials, and digital certificates to the visibility of actions performed in the environment, allowing the organization to cover all aspects associated with the protection of credentials and privileged access.

As a competitive advantage of senhasegura, Gartner mentions Keystroke Dynamic Identity, or KDI. Based entirely on Artificial Intelligence and Machine Learning, KDI allows the continuous verification of the user’s identity through behavioral biometrics. Gartner also shows that senhasegura has been highly praised by its users for its ease of use and quick installation, not to mention its intuitive and user-friendly interface.

$13 million growth investment drives senhasegura’s expansion in North America and the Middle East

Written by Priscilla Silva São Paulo, March 10, 2023 - senhasegura, an award-winning Privileged Access Management (PAM) solution provider that protects corporate IT environments and critical resources from cyber threats, announces a $13 million funding round from...

senhasegura wins CyberSecured 2022 award as best PAM solution in the USA

Written by Priscilla Silva SÃO PAULO, February 28 of 2023 - The 2022 edition of the CyberSecured awards, promoted by Security Today magazine, a brand of 1105 Media's Infrastructure Solutions Group, elected senhasegura as the winner in the Privileged Access Management...

How User and Entity Behavior Analytics Helps Cybersecurity

Cyberattacks are increasingly sophisticated, making traditional digital security tools insufficient to protect organizations from malicious actors. In 2015, Gartner defined a category of solutions called User and Entity Behavior Analytics (UEBA).Its big advantage is...

Best Practices for Consolidating Active Directory

This article was developed especially for you, who have questions about the best practices for consolidating Active Directory. First of all, you need to understand that directory services have the role of organizing important information for companies in a centralized...

senhasegura introduces the “Jiu-JitCISO” concept to show the power of Brazilian cybersecurity

Written by Priscilla Silva São Paulo, January 13, 2023 - "Like Jiu-Jitsu senhasegura is about self-defense. Every company must know how to protect itself and its clients". This is the aim based on the philosophy of the Japanese martial art, but made popular and...