Washington DC-based password management vendor Thycotic was founded in 1996 making it one of the early entrants into the privilege password management space. While remaining largely self-funded since its founding, Thycotic recently took its first ever investment from Insight Venture Partners. The details of the deal remain undisclosed.
Secret Server 9.0 – adding Mac and Unix capabilities
While Thycotic Secret Server has traditionally been a Windows-based product, it’s expanding its platform coverage with new product capabilities for Mac and Unix.
As Apple has proliferated into the enterprise, more administrators are seeking out OSX-native administrative tools to manage their systems. Responding to feedback from its users, one of the biggest of the new Secret Server 9.0 features is built around the OSX.
The Mac session launcher gives the ability to run RDP, SSH and custom launches mirroring all the functionality available on Windows. This also includes session recording, session terminal and proxying.
Another major feature in the latest release is the addition of the Privilege Manager for Unix module that enforces least privilege on admin accounts with more granular control over which commands users can run as root on Unix servers.
This new functionality allows certain root commands to be available to users while withholding the full range of root privileges. In such cases, Secret Server acts as the proxy. For example, it is possible to allow helpdesk users to reboot a server, but not run any other commands as root.
Secret Server also maintains the audit trail between the named and proxy account, which can be exported to a SIEM for correlation.
Also added in is support for geo-replication which gives administrators the option to use SQL Replication. This is an advantage for geographically separate sites that need to run independently in the event of an outage.
Breaking the Fourth Wall
Over the past 20 years, Thycotic has been growing steadily in the marketplace with its Secret Server privileged account password management product, particularly within the mid- and enterprise markets. However, during this time, the market has evolved where the company is well-positioned to take greater advantage of the opportunities that lie ahead.
More companies than ever are becoming aware of the need and value in maintaining better security and control of its privileged identities and API keys. Mid-market companies are also beginning to take security more seriously as news of compromises by rogue staff capture headlines, and the increase in ransomware spreads.
This gives Thycotic the opportunity to cater to this particular market segment and build stronger differentiation against other players in the privilege management space such as CyberArk, BeyondTrust, Lieberman, and others.
In February 2016, for example, Thycotic announced its first acquisition to date of Arellia. This enhances Thycotic’s product offerings with endpoint security solutions for Windows that lock down applications, local admin accounts, and OS configurations.
The market is continually evolving though, which is why we believe the acquisition of Arellia was a good move on the part of the company. It enables Thycotic to further enhance its capabilities to include application control and moving beyond pure privilege management.
Thycotic is confident in its capability and ability to meet user needs and offers a free 30 day trial on Secret Server for users wanting to test drive its offering.