Endpoint Privilege Management and Application Control

Employee workstations and personal devices can be the most vulnerable part of your IT system. If a local admin clicks on a malicious link and downloads malware, their workstation is instantly compromised. One compromised user with privileged access can give a hacker full control to take down the network. Stop malware and ransomware attacks like these from exploiting applications by removing local administrative rights from endpoints. Automatically removing admin rights from managed endpoints mitigates critical vulnerabilities. Easily implement least privilege and application control today with IBM Security Privilege Manager.
IBM Security Privilege Manager

Gain visibility into endpoints

Discover all local groups across the network and the apps that require admin rights to execute. Create custom whitelist, blacklist or greylist of trusted/untrusted apps/contextual elevation policies.

Enforce the principle of least privilege

Remove all local administrative credentials at once, including hard-coded and hidden admins. Deploy agents to all Mac and Windows endpoints, for control of domain and non-domain managed machines.

Reduce impact on desktop support teams

Through application control, automatically elevate privileges for approved applications, deny those on blacklists, or sandbox unknown applications so they run without access to critical systems.

Achieve audit compliance

Create an audit trail of all application policies, admin credentials and privilege elevation activities. Show auditors how implementation of Least Privilege prevented malicious apps from running.

Privilege Manager Key Features

  • Discovery
  • Local Admin Rights Removal
  • Policy-based application control
  • Whitelisting
  • Blacklisting
  • Greylisting
  • Sandboxing
  • Contextual control
  • Limit child processes
  • Inventory all local groups and users
  • Coverage of non-domain endpoints
  • Auditing and reporting