Remediant: Evolving Privileged Access Management, Just-In-Time



As cybersecurity practitioners in the enterprise realm, Tim Keeler and Paul Lanzi saw firsthand how existing identity and access management solutions failed to deliver adequate protection against credential theft attacks and did nothing to address the pervasive problem of admin over-provisioning. They recognized few segments of the information security world where the analyst perception and the on-the-ground reality were as far apart as they were in the privileged access management (PAM) space.

Armed with the idea of creating a better way to secure credentials, Tim Keeler, along with co-founder Paul Lanzi (CTO), therefore launched Remediant in 2015. Remediant is a fast-growing PAM software company that is solving a major industry need by providing an innovative alternative to legacy PAM solutions that struggle to scale with today’s digital enterprise. The company was named a Gartner “Cool Vendor” for 2019 and recently won the CyberSecurity Breakthrough Awards for Best PAM Solution of the Year. Remediant quintupled its revenue between 2017 and 2018 and was also named a “Black Unicorn” by Cyber Defense Magazine. Remediant’s flagship SecureONE product has seen rapid adoption by Fortune 1000 enterprises in the media, biotech, personal finance, healthcare and defense sectors. The company is based in San Francisco, CA and has an additional office in Irving, TX.

“As former practitioners and consumers of legacy PAM approaches, we understand the crucial role privilege access plays in securing an organization - it’s not simply a matter of who should have a certain level of access, but at what point in time and for how long,” says Tim Keeler, founder, and CEO of Remediant.

The company abides by its mission to safeguard and secure the enterprise ecosystem by evolving PAM through a focus on efficiency, simplicity, and visibility. Leading with innovation; Remediant delivers enterprise-class cybersecurity solutions that enable real-time monitoring, zero trust protection of privileged accounts and just-in-time administration (JITA) across IT/Security ecosystems. 

Remediant signed Lockheed Martin as their first customer to provide a dynamic, scalable PAM solution with minimal disruptions to Lockheed Martin’s 150,000+ endpoints. By bringing a new level of control and insight over the distribution, usage, and protection of privileged access in enterprise environments, Remediant is actively changing the PAM market landscape that is now over two decades old.

Reimagining PAM

PAM is an important element of effective cybersecurity. Gartner has ranked PAM as the number one security project to be prioritized among security and risk management leaders for the past 2 years. Although since 1996, every PAM solution on the market has been built on top of the concept of a password vault. “Long considered a “solved problem,” legacy PAM solutions focus exclusively on authentication as the method for protecting privileged access. Over time, innovation in these legacy PAM solutions looked like longer passwords or more frequent credential rotation – but never addressing the real needs of practitioners who used these solutions every day,” says Keeler. 

Also worth noting:  80 percent of breaches involve the use of stolen credentials, as it leads to the most valuable information. While hackers often target administrator accounts with compromised credentials – these accounts usually have privileged access to 90% of the resources they don’t need for their daily or frequent tasks. “Credential theft attacks are the number one attack vector today and we’ve seen major breaches as a result – Yahoo, Marriott, OPM, to name a few. Many organizations do not even realize how much access is given out unnecessarily to employees, contractors, and third parties. Moreover, this access typically goes unmonitored and permissions often outlive the employee or contractor’s tenure. This is how credentials are easily stolen or misused,” says Keeler. “If organizations can address that major problem by protecting who has privileged access to what and when, then they will most certainly have a stronger risk management posture.”

The threat of embedding credential-based attacks within malware is also on the rise. “The NotPetya virus is an excellent example of not only leveraging zero-day attacks, but harvesting credentials and using it for propagation. Future based attacks will certainly leverage this attack method and sophistication,” Keeler asserts. “We need to assume privileged credentials will be compromised and architect our security to stop lateral movement when credentials are compromised. This means deploying a completely dynamic, centralized approach to privilege.” 

Tim Keeler, Founder & CEO, Remediant.

Just-in-Time PAM

Remediant has a new, modern architecture to PAM security through its unique, Just-in-Time Administration (JITA) platform that directly addresses credential theft. SecureONE is the first PAM solution to bring the ease of an agent-less and vault-less approach, while also delivering continuous detection of new privileged access across the enterprise. Based on a zero-trust model, SecureONE ensures privileged access is precisely allocated and continuously inventoried by granting privileged access on a just-in-time, just-enough basis using multi-factor authentication (MFA). Hence, SecureONE reduces an organization’s attack surface by removing standing privileges plus makes it easy to assign privileged access solely to the endpoints needed, for a specific time period, incorporating MFA. Administrators gain the privileged access they need, when they need it, while also eliminating compliance and security gaps. Thereby, preventing 99% of all data breaches exploited by compromised admin credentials or neglected user accounts with excessive privileges. “Thinking creatively is paramount to our innovation. This often means challenging assumptions in our field,” shares Keeler. “Technology is filled with complexity and we need to take a step back to examine the broader picture that allows us to bring simplicity in an elegant, practical, easy to use fashion.”

Remediant takes the same approach to address all the problems of managing privileged access. In most security platforms today, privileged access is assigned to secondary accounts. This bifurcates the user’s identity, creating audit and governance challenges that are addressed with manual processes. This also creates a challenge for administrators, as they have to maintain multiple accounts and passwords. Furthermore, these accounts often persist on computers indefinitely, only requiring just a username/password to gain access.

SecureONE manages privilege access transactions using the user’s own identity – resolving compliance audits and mandates faster and making it easy for system administrators, help desk personnel, application administrators and other authorized users to perform on-demand updates on the endpoints they maintain. “We are motivated to offer a solution that addresses the fundamental access problem – and makes life simpler for the system administrators, help desk administrators, DevOps personnel and others who need privileged access to do their jobs,” maintains Keeler.

Disrupting PAM

The company just closed on a $15 million Series A funding round from Dell Technologies Capital and ForgePoint Capital.

Remediant has set its sights on the future. The company is hard at work to protect organizations from data theft via stolen credentials. They are here to completely change how the industry has traditionally looked at PAM. “Why?” Keeler asks. “Because legacy PAM solutions are not cutting it anymore and a more modern architecture is required to help mitigate the credential theft problem.” 

All designs displayed on this page are the intellectual property of © Aspioneer BizByts Marketing Pvt. Ltd.