Working in tandem with application control, Avecto least privilege management makes whitelisting simple and allows you to assign privileges directly to applications, tasks, and scripts - but not users.
Eliminate admin rights
Assign privileges directly to applications
Protect the endpoint from insider threats
Compliance mandates aren’t always easy to meet. We’ll help you get on track.
Defendpoint meets least privilege and identity access management guidelines by removing user / admin privileges and whitelisting trusted applications across all endpoints - even in the data center - while trend reporting and analysis demonstrates compliance with GDPR, SOX, PCI, DSS, NIST, HIPPA and many more.
Don't leave cyber security to chance
Deter insider attacks by giving access to only to the applications, tasks, and scripts users need. And prevent external attacks that rely on trusted applications and elevated privileges to execute malware and move laterally across your network.
Free your users from security barricades
The turn-key Quick Start policy makes automated privilege access achievable overnight. Users operate from the safety of standard user accounts while enjoying the flexibility of admin accounts - all without IT frustration. The single lightweight agent makes deployment and maintenance simple.
Targeted assignment of privileges
Assign user privileges securely to individual applications, allowing all users to operate with standard user accounts. By ensuring all employees have just the right level of privileged access to perform their daily job functions, you create a highly secure environment.
Broad application support
With support for a broad set of application types, Defendpoint caters to the needs of all users and privileged tasks. Whether it’s an application, installation, task or script, Defendpoint handles all your diverse user requirements across both Windows and Mac.
Works seamlessly with User Account Control/macOS authorization prompts
Replace unwanted prompts and specifically target applications that trigger Windows UAC messages or macOS authorization requests. By intercepting and monitoring all exceptions, you can refine policies and provide users with quick and simple privilege elevation that requests the access they need.
Layers of security for added protection
Prevent the creation of rogue Windows admin accounts with unique privileged account protection. Patented anti-tamper capabilities ensures Defendpoint cannot be circumvented, safeguarding you from code injection, shatter attacks, and token hijacks. The option to digitally sign policies ensures their authenticity from creation through delivery.
On-demand access to privileges
Grant the ability to elevate applications on demand or in combination with gated controls such as reason justifications, password verification or challenge code. Ensure that even advanced privileged users such as sysadmins have the ability to perform their specific roles without compromising security.
Simple to use and manage
Wizard-created job roles and templates make it faster to get started. A flexible filter engine lets you target policies to specific job roles. Simple configuration with a clear processing flow means less clutter and better visibility, keeping policy manageable across thousands of users.
Clear, customizable messaging
Embrace exceptions by setting clear, branded end-user messages to support access to previously unsanctioned software. Tailored options allow you to choose automatic approval for privileged users - protected by full audit trails - or utilize challenge-response codes.
Seamless integration with application control
By combining privilege management with application control, you benefit from security improvements and ensure a positive end-user experience. With the removal of admin accounts, system files and folders are automatically protected and can be whitelisted easily. This allows you to focus on new and unknown applications, greatly reducing the effort and complexity of implementing and managing application control.
The 2017 Microsoft Vulnerabilities Report reviews the latest trends and reveals that the number of published vulnerabilities has risen by 111% over five years. The ever-popular report makes the compelling case for least privilege, finding that of the 235 Critical vulnerabilities reported in 2017, 80% would be mitigated by removing local admin rights from users. What you will learn from this report:
- The latest insight into key vulnerabilities facing your organization
- How 2017’s vulnerabilities compare with previous years
- Learn why this simple step is so essential to security
Hackcess denied: remove admin rights, remove the keys
In this webinar, Sami Laiho, Microsoft MVP and ethical hacker, will reveal the basic techniques a hacker can utilize to breach your entire organizatio…
Read this datasheet to find out how Defendpoint combines best-inclass privilege management and application control, making admin rights removal simple…
Why choose Avecto?
Leader in privilege management since 2008
Trusted by over 1100 global brands
Over 8 million users work productively without admin rights
Proven to scale from 100 to 500,000 desktops
Integrated desktop and server technology from a single vendor