Definition
Privileged Access Management (PAM) is the specialized discipline of controlling access for privileged accounts: administrators, root, service accounts, database administrators, and anyone with the keys to critical systems. PAM platforms (CyberArk, BeyondTrust, Delinea, HashiCorp Vault) provide credential vaulting, session brokering with recording, just-in-time access provisioning, and policy-based access reviews. Privileged accounts are the highest-value targets for attackers - most major breaches involve compromised admin credentials at some point. PAM is increasingly integrated with ZTNA so admin access to internal systems flows through identity-aware controls with session recording.
Related terms
- IAM (Identity and Access Management) - Discipline for managing digital identities, authentication, authorization, and access control across enterprise systems.
- MFA (Multi-Factor Authentication) - Authentication requiring two or more independent factors (something you know, have, or are).
- ZTNA (Zero Trust Network Access) - Identity-driven, application-level access to internal apps - the modern replacement for VPN.