The author of this Pathfinder report is Mike Fratto, a Senior Research Analyst on the Applied Infrastructure & DevOps team at 451 Research, a part of S&P Global Market Intelligence. Pathfinder reports navigate decision-makers through the issues surrounding a specific technology or business case, explore the business value of adoption, and recommend the range of considerations and concrete next steps in the decision-making process.
This report explores the following topics:
Research finds PAM solutions are too complex with 68% of organizations paying for “wasted features” that are rarely used. A global survey of 400 IT and security executives conducted in January 2023, by Keeper Security in partnership with TrendCandy Research, reveals an overwhelming industry desire for Privileged Access Management (PAM) solutions that are easy to deploy and maintain.
The findings show that traditional PAM solutions are falling far short, largely because they are too complex to implement and use. An overwhelming 84% of IT leaders said they want to simplify their PAM solution in 2023. In the current high-risk security climate, it is imperative that all organizations secure their privileged credentials, privileged accounts, and privileged sessions to protect their crown jewels. However, many traditional PAM solutions are failing to provide their intended value outside of these core use cases, because deployment is either too complex, too cost-prohibitive, or both. In the era of remote work, organizations need agile identity security solutions that can protect against cybersecurity threat vectors by monitoring, detecting, and preventing unauthorized privileged access to critical resources.
Keeper Security, a leading innovator in privileged access management, wanted to better understand how IT leaders are thinking about PAM, deploying their PAM solutions, and streamlining their PAM implementations. Keeper commissioned an independent research firm to survey 400 IT and data security leaders in North America and Europe about their strategies and plans for PAM in 2023.
When used in conjunction with the BackBox Network Automation Platform, BackBox Network Vulnerability Manager aids in the detection of vulnerabilities and the strengthening of cyber-attack defenses. Administrators confront substantial hurdles in addressing vulnerabilities in network devices such as firewalls, intrusion detection systems (IDSs), and routers. NIST publishes over 2,500 CVEs each month, overwhelming network managers with security knowledge.
The BackBox Network Vulnerability Manager solves these issues with its Closed-Loop Vulnerability Remediation procedure.
Dynamic Inventory: BackBox offers a comprehensive picture of network and security devices, removing the need for laborious and error-prone inventory processes.
Risk Scoring and Analytics: BackBox Network Vulnerability Manager's risk scoring engine assesses organizational vulnerabilities, providing attack surface scores and risk metrics for all network devices. This offers a thorough understanding of network vulnerabilities and risk exposure.
CVE Mitigation: Administrators search device configurations for vulnerable settings to assess CVE relevance. Automation removes mitigated vulnerabilities from the risk score. Certain CVEs can be marked non-applicable, recalculating the risk score for an accurate vulnerability status.
Without BackBox, vulnerability patching involves a manual process:
BackBox automates device detection, data collecting, and vulnerability mapping while prioritizing updates based on risk assessment. This gives administrators an up-to-date picture of network hazards, allowing them to quickly upgrade and provide full security.