BI.Zone Privileged Access Management (BI.Zone PAM)

2024: BI.Zone PAM Release

BI.ZONE announced on August 15, 2024, the launch of the BI.ZONE PAM privileged access management product, which protects administrative accounts.

The solution helps protect the infrastructure from intruders: it independently rotates passwords, controls the powers of privileged users, monitors their activity and transmits data on suspicious events to SIEM. The microservice architecture of the product allows you to deploy a distributed fault-tolerant installation and provides the ability to scale horizontally, which, according to the developers, guarantees continuity of business processes.

Administrative accounts are of particular interest to attackers: unauthorized access to these accounts paves the way for critical data and company systems. The consequences for business can be painful: leakage of confidential information, illegitimate access to financial assets, destruction of IT infrastructure, simple and loss of profit.

BI.ZONE Privileged Access Management prevents attackers from accessing privileged accounts and entering the company's IT perimeter. The product allows you to build protection against MITRE ATT&CK techniques, which are often used in attacks on Russian companies. Thus, 42% of groups use such techniques at the stage of obtaining initial access and 63% at the stage of privilege escalation (according to BI.ZONE).

The product manages privileged access using the zero trust concept. BI. ZONE PAM is a platform through which employees and contractors gain administrative access to the company's IT infrastructure centrally, without the ability to directly access servers, databases and network devices. At the same time, users do not have information about passwords for accessing specific resources: the system works according to the SSO (single sign-on) principle and itself conducts end-to-end authentication on target resources on behalf of privileged accounts.

It also rotates passwords and certificates with each new connection or on a schedule, which also solves the problem of updating passwords manually. Thus, BI. ZONE PAM reduces the risk of misuse of administrative accounts if they are leaked or stolen using social engineering methods, the company noted.

The platform helps to ensure prompt response to failures and incidents, as well as speed up their investigation: all user actions are recorded, while cybersecurity event data is sent to SIEM. The experience of commands and solutions from the BI.ZONE ecosystem related to monitoring and responding to cyber incidents helps strengthen the product in this direction.

The "development driver BI. ZONE PAM was the cybersecurity audits conducted by the BI.ZONE Consulting team. An analysis of the data obtained over two years showed that more than 90% of customers did not have a built-up process for managing privileged access, since companies did not find a tool on the domestic market that was suitable for their requests. The necessary funds were not used due to the difficulty in setting up, the inability to scale the solution horizontally and other problems, "said Artyom Nazaretyan, head of BI. ZONE PAM.

Microservice architecture allows you to create an installation that covers the entire IT environment of the company and can withstand the maximum number of sessions. Fault tolerance of the system is also provided in case of failure of one of the components. At the same time, the possibilities of horizontal scaling are limited only by the computing resources of the customer, but not by the software itself.

The BI. ZONE PAM solution is included in the register of domestic software. It is expected that the product will receive a certificate from the FSTEC of Russia by the end of 2024.

BI. ZONE PAM is fully deployed on Linux and is independent of Windows infrastructure components.