Definition

Privileged Access Management (PAM) is the specialized discipline of controlling access for privileged accounts: administrators, root, service accounts, database administrators, and anyone with the keys to critical systems. PAM platforms (CyberArk, BeyondTrust, Delinea, HashiCorp Vault) provide credential vaulting, session brokering with recording, just-in-time access provisioning, and policy-based access reviews. Privileged accounts are the highest-value targets for attackers - most major breaches involve compromised admin credentials at some point. PAM is increasingly integrated with ZTNA so admin access to internal systems flows through identity-aware controls with session recording.

Related terms