Indeed PAM Indeed Privileged Access Manager

The Indeed Privileged Access Manager (Indeed PAM) product is being developed from scratch as access control system using privileged accounts. The product is based on many years of experience of the company "Indid" in creating products in the field. information security

2026

Indeed PAM 3.3 with Web-Proxy

On January 15, 2026, Indeed introduced an updated version of Indeed Privileged Access Manager (Indeed PAM) 3.3, a system for controlling the access of privileged users. Key product updates are designed to improve the security of access to web resources, simplify session management, and provide flexibility in access control.

The most significant changes Indeed has made to Indeed PAM are aimed at increasing the level of access security of privatized users. Version 3.3. was supplemented by the Web-Proxy component, which provides secure access to web applications directly through browser without the need for Microsoft RDS. This component is deployed on - Linux hosts and provides an isolated environment for working with - HTTPS resources. The user can open the web resource directly from the User Console. In this case, the administrator is able to download the SSO template to automatically populate the credentials on the data target resource. This approach provides easy access without revealing to password the user and at the same time maintains a high level of security.

Another change implemented in Indeed PAM 3.3 is the Web terminal component, which allows you to connect to RDP and SSH resources directly from the browser. Users now do not need to install specialized client applications to access Remote Desktops and the command shell. The session via the Web terminal is started directly from the User Console, which greatly simplifies the process of connecting to target systems and improves the user experience. This is especially true for remote work scenarios, for example, when granting access to contractors.

In addition, the developer added an information panel (dashboard) to the Indeed PAM (Management Console). This tool allows administrators to monitor key system performance indicators and analyze user activity in real time, quickly identifying potential security issues. The dashboard presents widgets with statistics on sessions, permissions, accounts, unsuccessful attempts, authentications, to licenses views of accounts data and user activity. Each widget allows you to go to the corresponding Indexed PAM section for more detailed analysis.

Other important updates to Indeed Privileged Access Manager are designed to improve system flexibility and convenience. In particular, Indid expanded the functionality of the SQL access module. It now supports connection to Microsoft SQL Server through the MSSQL Proxy component. Its implementation is fully consistent with the functionality available for PostgreSQL Proxy, which ensures uniformity of work with different DBMS and makes it easier for administrators to manage user sessions.

In version 3.3, Indeed PAM users have the ability to open a session without repeating. authentications By downloading an RDP to the file or copied command, the user can connect to the resource once without having to re-enter the credentials. data This functionality optimizes user time while improving security by eliminating additional sensitive entry points. information

We are constantly developing Indeed PAM and improving its functionality so that our product meets the highest security requirements and solves the most critical and urgent customer tasks. In version 3.3, we expanded the capabilities of the system by adding support for custom web sessions through a specialized component, the ability to connect to resources directly in the browser without installing additional clients, and support for accessing Microsoft SQL Server databases. These changes allow customers to increase the level of security of privileged access, simplify the work of users and provide flexibility in the implementation of various scenarios: from remote work of employees to safe interaction with contractors, - said Mikhail Elychev, Product Manager of Indeed PAM in Indid.

2025

Integration with Security Capsule SIEM

On December 2, 2025, Indeed and ITB announced the integration of the Indeed Privileged Access Manager (Indeed PAM) privileged user access control solution and the Security Capsule SIEM (SC SIEM) centralized event monitoring and incident detection system.

The technological integration of Indeed PAM and SC SIEM provides Russian companies with comprehensive protection of critical IT resources, allowing to strengthen access control for users with extended rights and promptly respond to information security incidents.

Due to the compatibility of the two solutions, privileged account activity data is automatically transferred from Indeed PAM to SC SIEM. Security professionals can analyze data about sessions, access attempts, and activities in privileged accounts. This reduces the risk of unauthorized entry into the IT infrastructure and compromising key IT resources.

Working in conjunction, Indeed PAM and SC SIEM form a single information space for access control as well as security monitoring. Thanks to this, companies can monitor the actions of administrators and users with extended rights in real time, speed up the investigation of incidents (the so-called "forensics") and increase the transparency of operations in sensitive information systems.

The compatibility of Indeed PAM with Security Capsule SIEM opens up additional opportunities for enterprise clients in the areas of access control, monitoring and analytics. Effectively configured SIEM correlation rules reduce the detection time of suspicious activity associated with user credentials with enhanced rights. As a result, organizations receive a tool for controlling privileged accounts and responding in a timely manner to incidents of suspicious activity related to credentials, "explained Andrey Laptev, director of product development at Indid.

In this integration, we have relied on a practical benefit for SOC rather than a "compatible" declaration. We have implemented exactly the rules that neutralize the key risks of managing privileged accounts here and now: off-hours activity, brute-force, massive changes in rights and appeals from previously blocked accounts. This is the first stage - and we will continue to expand the depth of analytics of PAM events in SC SIEM - added Sergey Grafov, development project manager at ITB.

Indeed PAM 3.2 with authorization without password

On October 6, 2025, Indeed introduced Indeed PAM 3.2, an updated version of the product for managing privileged user access. This update included the ability to authenticate with SSH keys without a password and implements the function of adding internal users without accessing an external directory.

A key change in this version of Indeed Privileged Access Manager (Indeed PAM) improves security and ease of use when connecting to target systems via SSH. In particular, an authentication method has been added - by SSH keys. It allows you to connect to information systems without entering password and thereby reduces the risks attacks that are carried out by selecting or intercepting accounts. data This change will make it much easier for users to access the necessary resources, and the process authentications on the most important systems will become safer.

Another important feature added to Indeed Privileged Access Manager increases the flexibility and convenience of administrators working with users. Now you can create internal users, including contractors, directly in the management console - without accessing the external directory. This enables the use of Indeed PAM in isolated network segments and provides continuous access to the infrastructure even in the event of an external directory failure. This supports simultaneous work with external directories and internal users.

Another improvement implemented in version 3.2 simplifies the detection of unused access rights: an automatic detection function has been added to the product. It helps administrators review access policies in a timely manner and minimize excess privileges.

In addition, Indeed PAM has received an improved session search mechanism: the process has become more convenient, and the results are more informative. You can now filter sessions due to termination. New states of completed sessions have also appeared, indicating the initiator. This approach simplifies auditing and accelerates the work of administrators when analyzing user activity.

We are systematically developing our product, taking into account customer requirements and modern information security requirements. In Indeed PAM 3.2, significant functional changes are implemented to provide a high level of access protection and at the same time improve the convenience of operation, for example, when users are authenticated in systems. To do this, we added an authorization tool without a password - using SSH keys. It is based on cryptographic protection methods. It guarantees a high level of privileged access security. Also, the new version of Indeed PAM includes features that will make it easier for administrators to work and more convenient to manage users, "said Ilya Moiseev, Indeed PAM Product Manager in India.

Integration with Dynamic Directory

Indeed and STC IT ROSA on September 30, 2025 announced the technological compatibility of Indeed Privileged Access Manager and Dynamic Directory expands the capabilities of customers in the field of privileged access protection. Read more here.

Integration with Red OS 8

Indid and Red Soft announced a technological partnership on August 4, 2025. The key goal of cooperation is to increase the security of privileged access to the IT infrastructure built on the import-independent technology stack, and accelerate the transition of organizations to domestic software.

The companies have integrated the product to protect privileged access Indeed Privileged Access Management (Indeed PAM) with the Russian operating system Red OS 8.

RED OS compatibility confirms that Indeed PAM is fully suitable for government and corporate customers to operate on an import-independent IT infrastructure and allows them to comply with current information protection laws.

Through our partnership with RED SOFTWARE, we improve the functionality of our product, providing customers with a high level of security for privileged user access and protection against unauthorized use of extended rights. The integration of RED OS and Indeed PAM expands the possibilities for Russian companies to create an IT infrastructure based on domestic software products, which is especially important in the face of growing information threats and strengthening regulatory requirements, - said Andrey Laptev, director of the product office of India.

To maintain business stability and cyber resilience, companies need solutions built on the basis of the Russian technology stack. Cooperation with Indid is another important step aimed at the rapid and comfortable transition of organizations to modern and economically profitable domestic developments in the field of information security. Sharing RED OS and Indeed PAM products helps reduce the risks of cyber attacks, "commented Victoria Kostina, Head of Technology Compatibility at RED SOFT.

Version 3.0 compatibility with Jatoba version 6.4.1

On April 23, 2025, Gazinformservice"" and Indid"" announced the successful completion testings of compatibility database management systems Jatoba version 6.4.1 and the solution for managing privileged access Indeed Privileged Access Manager (PAM) version 3.0. The integration of these products provides organizations with comprehensive protection for critical users, data enabling them to control privileged users' access databases to and minimize the risks of unauthorized access. More. here

Version 3.0 with PostgreSQL Proxy

Indeed has expanded the functionality of Indeed Privileged Access Manager (Indeed PAM), a product for controlling the access of privileged users. The developer announced this on January 23, 2025.

Important updates Indeed has made to Indeed PAM are aimed at improving the security of access for users with enhanced rights. In version 3.0, a new component was added - PostgreSQL Proxy, with which the PAM administrator can open SQL sessions and view text logs, where all SQL queries executed by users are written. This provides greater control over privileged sessions and makes it easier to investigate incidents.

In addition, in order to strengthen the protection of privileged accounts from potential cyber threats, Indeed PAM 3.0 has been supplemented with a function to verify the fingerprints of keys - SSHservers which serve to confirm the authenticity of the resource at the time of connection. The use of fingerprints provides protection against attacks the type MITM (Man in the Middle) and increases the security of access to critical resources.

In this version, the developer also paid special attention to the convenience of working with the product. In particular, the installation and update processes of Indeed PAM have been improved, which are now executed from a single point using a convenient management interface. With an improved installation wizard, users can reduce the time and effort required to install, update, or reconfigure the system.

A section has been added to the Indeed PAM management console where the administrator can manage all resource services located on Windows hosts in the company infrastructure. Thanks to this change, the passwords of the accounts from which services are launched are now updated automatically. After changing passwords (manually or according to a schedule), services will start with already updated credentials.

Early versions of Indeed PAM supported several specific types of service connections. With the release of version 3.0, users were able to create their own types of service connections and thus perform service operations on new resource types. This allows you to strictly control privileged accounts on rare types of resources that are in the infrastructure of many organizations.

Developing Indeed PAM, we try to take into account all current market and business needs. Therefore, in addition to the technical improvements in the new version, we focused on providing customers with the most functional solution that will allow you to effectively and securely manage privileged access taking into account information security requirements. Another important task of our company is to provide users with increasingly flexible and convenient tools to effectively protect their credentials. The release of Indeed PAM 3.0 is another successful step along this path, "said Ilya Moiseev, Indeed PAM Product Manager in India.

2024 OpenLDAP and ALD PRO support

Indeed Company on May 13, 2024 announced the launch of an updated version of Indeed PAM (Indeed Privileged Access Manager). Among the key product changes: support for new user directories: OpenLDAP and ALD PRO, connection to arbitrary resources, native support for SIEM via CEF and LEEF log format, manual user blocking in PAM, increased maximum password length, etc.

In Indeed PAM 2.10, it became possible to select OpenLDAP and ALD PRO as directory services. This change enhances the import substitution capabilities of Microsoft's Active Directory directory service. Indeed PAM now supports the following user directories: Active Directory, FreeIPA, OpenLDAP, and ALD PRO.

In the updated version of the product, a new type of resources has been added - arbitrary resources - that is, resources that are not registered in the PAM system. The addition allows you to connect to any resources without having to pre-enter them into the PAM. Such an update will make it easier for users who create virtual machines as part of their work. IT can now connect to them immediately without waiting for the PAM administrator to add them to the resource list.

It also became possible to connect Indeed PAM to the SIEM system without using additional connectors or parsers, which frees the customer from the need for additional modifications.

2022: Privileged user control scenario can be worked on Jet CyberCamp cyber training platform

The IT company Jet Infosystems and the Indid company, a Russian developer of information security software solutions, have created a joint cyber training program on the Jet CyberCamp platform. Now information security specialists can work out cases with  IndeedPAM - a solution of the Privileged Access Management class, designed to monitor and control the actions of privileged users. This was announced by the company "Jet Infosystems" on September 27, 2022. Read more here.

2020: Inclusion in the Register of Domestic Software

On April 13, 2020, the Russian company Indid announced the inclusion of the Indeed Privileged Access Manager software complex in the Register of Domestic Software (Order of the Ministry of Communications of the Russian Federation No. 162 of 07.04.2020). Indeed PAM is designed to control the actions of system administrators and two-factor authentication of privileged users before accessing important commercial data. The vendor announced the release of this software package in August 2018 and constantly informs about the release of releases in which it expands the functionality of the product.

The inclusion of Indeed PAM in the Register opens up access to the possibility of its implementation not only in private companies, but also in public sector organizations that must comply with the requirements of regulators and legislation in the field of import substitution.

2019: Description of Indeed Privileged Access Manager

(Data current for March 2019)

Policies and Permissions

Policies and permissions define privileged access settings:

• to whom access is granted
• which accounts have been granted access to
• what resources (servers and equipment) are granted access to
• for what time (permanent/temporary, during working hours or at any time)
• what sessions should be recorded (video and text recording, text only, screenshots, etc.)
• what local resources (disks, smart cards) will be available to the user in a remote session
• whether the user is allowed to view the password of the privileged account

Centralized policies reduce system administration costs and make settings and access rights transparent to information security professionals and auditors.

Privileged Credential Store

The credentials data required for access (logins, passwords, - SSH key) are stored in, storage to which only server Indeed PAM has access. Storage and transfer of data to/from the server is carried out in encrypted form using persistent ones. algorithms enciphering Access to the storage is limited and is possible only for the PAM server, a special procedure for "sealing" the server - hardening the server is used to implement this approach. databases

Session Recording Subsystem

All privileged access sessions are recorded without fail and stored in the Indeed PAM archive. In the archive, records are stored in encrypted form, it is possible to access them only by having the appropriate permissions within the PAM system.

Records are maintained in the following formats:

• Text recording is always maintained and records the following data:
  • Full console input and output in SSH connections
  • All processes to be started, windows to be opened, and keyboard input for RDP connections.

• Video recording is performed for both RDP and SSH connections. Video recording is not required, it is enabled by the PAM administrator using the policy engine. Video quality is configured and can be different for different accounts, for example, sessions of domain administrators can be recorded with maximum quality, and sessions of compressed operators.
• Screenshots are also taken for both RDP and SSH connections. It is not necessary to save screenshots, it is enabled by the PAM administrator using the policy engine. The frequency and quality of screenshots are set in policies.

Viewing active sessions is available in real time with the ability to break the session by the PAM administrator.

Log Server

The log server is a dedicated Indeed PAM event collection service. Such events include all activity of PAM administrators and users. The log records who and what parameters of the system changed and who made a connection to the target resources under what credentials.

For easy integration into SIEM and timely response to incidents, events can be delivered via syslog to a third-party log server.

Administrator Console

The administrator console provides an interface for configuring, managing and auditing the system and is designed as a web application. Using the console, the administrator gives users access to credentials, configures access policies, and reviews event logs and privileged session records. The console also allows PAM administrators to view active privileged sessions in real time and, if necessary, stop the employee's session. The administrator console is accessed by two-factor authentication.

Self-Service Services

Employees use two tools to gain privileged access:

• A user console that is designed as a web application. In the user's console, employees view the accounts and resources available to them, and start privileged sessions.
• The application on the access server. Using this application, employees gain access bypassing the user's console. In this case, the employee connects directly to the access server, where he is prompted to select an allowed connection.

In both cases, employee access is protected by two-factor OTP (One-Time Password) authentication.

Access modules

Access modules provide mechanisms for opening and recording privileged sessions.

Access Server

The access server implements a centralized model of gaining privileged access. The employee first connects to the access server, on which his rights are checked and authentication is performed by the second factor, after which the employee opens a session on the target resource.

SSH Proxy

SSH Proxy is an alternative option for accessing via Indeed PAM LinuxUnix in/-systems.

Account Management Subsystem

When using PAM class systems, it is important for information security officers to understand that there are no unaccounted-for privileged records in the company's infrastructure, and access to them is monitored and logged. Within Indeed PAM, this task is solved by the account management subsystem.

The subsystem performs the following functions:

• Periodically searches target resources for new privileged accounts. This measure allows you to protect yourself from an unscrupulous administrator who created an account for himself to work bypassing the PAM system.
• Periodic verification of passwords and SSH keys of privileged accounts. This feature ensures that the PAM store contains the current credentials and that the unscrupulous administrator has not reset the account password to bypass the PAM.
• Periodic change of passwords and SSH keys. Indeed PAM generates random complex passwords and SSH keys for controlled privileged credentials, protecting them from unauthorized access.
• Resets the account password after it is shown to the user. The PAM administrator can allow employees to view the password of a privileged account when explicit password usage is required. After the employee receives the password, after a specified period of time, Indeed PAM will reset the password to a new random value.

To perform these functions, the account management subsystem includes connection modules (connectors) for the target systems:

• Connector to Active Directory
• Connector to Windows and Windows Server
• SSH connector for connecting to Linux/Unix systems based on various distributions.

Main characteristics of Indeed PAM

• Access Protocols - RDP, SSH, HTTP (s)
• Supported credential types - Username + password, SSH keys
• Search for privileged accounts and password management - Windows, Linux, Active Directory
• Supported User Directories - Active Directory
• Two-factor authentication technologies - Password + TOTP (software generator)
• Supported session recording types - Text log, Video recording, Screenshots
• Remote Access Technologies - Microsoft RDS, SSH Proxy

2018

Privileged accounts carry serious information security risks: compromising privileged access can lead to large financial and reputational losses of the company. Protecting privileged access is more difficult, and the consequences of its misuse are much more serious than in the case of ordinary users. The problem cannot be solved using common approaches to protecting credentials and requires specialized solutions.

You can formulate tasks for protecting and controlling privileged access as follows:

• Log attempts to use privileged accounts in the access log, indicating which employee, when, and which account was accessed
• Video and text recording of privileged sessions with the ability to view a session archive
• Ensure multifactor employee authentication when accessing privileged accounts
• Keep the password of privileged accounts secret from employees, make regular password changes

To solve these problems, we have developed the Indeed Privileged Access Manager (Indeed PAM) software package. The complex centrally stores and manages privileged accounts. Indeed Privileged Access Manager has the following characteristics:

Tasks to be solved

• Keeping Passwords of Administrative Accounts Secret
• Video and text recording of sessions
• Discover privileged accounts to take control of
• Two-Factor Privileged Access Authentication

Supported Account Types

• Microsoft Active Directory
• Windows Accounts
• Linux accounts (passwords and SSH keys)
• Network equipment Access Accounts

Supported Access Protocols

• RDP
• SSH
• Web applications

Search for privileged accounts

• Indeed PAM includes a module that searches for privileged accounts, registers them on the system and offers to take control of them.

Automatically change privileged account passwords regularly

• Indeed PAM performs a regular password change to a random value, fulfilling the requirements for both the complexity of passwords and the frequency of their change.

Architectural Scheme Indeed PAM

Indeed PAM General Architectural Scheme