Bastion

The right privilege without compromising productivity

Administration rights introduce critical vulnerabilities to your vital assets.  Ensure that only the right privilege is granted to the right account, at the right time, without compromising productivity.

Enforced Least Privilege Management Principle

• Eliminate the risk of overprivileged users who can wreak havoc in your IT network at the click of a button
• Zero local administrator policy: grant privileges at a granular level with the ability to assign specific rights to a user to execute a specific action
• Privilege segregation by establishing a security context for applications & processes rather than by user
• Facilitate productivity: non-administrator users can still run tasks with adapted privileges with no impact on productivity

Privileged Access Management for Critical Systems

• Protect assets with combined user access workflows, credential rotation, and local rights limitation
• Secure critical systems through session control and local system application and process management
• Trace and monitor activity with complete session recording, metadata, and logs for local devices

Endpoint System Protection

• Fine-tune application rights so that they can only be used to perform authorized actions by authorized users
• Prevent known and unknown attacks by blocking all unauthorized actions intending to modify the system
• Neutralise ransomware: encryption operations are detected before being carried out

Control and manage heterogeneous proprietary production environment systems from standard IT consoles

• Integrated with Bastion PAM solution to increase security for identity theft protection and access to critical asset
• Application white/grey/black-listing to eliminate local administrators or limit user right
• Fully supported on all Windows platforms, desktop or Windows Serve
• Centralise and simplify management through integration with Microsoft Active Directory and its database
• Exclusive patented technology that assign security context for processes and applications
• Application-level security to eliminate administrator accounts on endpoints
• Real-time detection of system functions such as performing encryption operations to block ransomware
• File protection against tampering at NTFS level
• Eliminate local administrator passwords shared across systems
• Integrate with SIEM to centralise log information for advanced threat detection