Phone Number +1-202-802-9399 (US)

Thycotic is now Delinea!

The Lockdown

Thycotic’s Cyber Security Blog

Thycotic Enhances Privileged Access Protection for macOS Workstations and Laptops


Written by Kali Linette

December 12th, 2019

WASHINGTON, D.C., Dec. 12, 2019 — Thycotic, provider of privileged access management (PAM) solutions to more than 10,000 organizations, including 25 of the Fortune 100, today revealed new capabilities that help implement the principle of least privilege security for workstations and laptops running macOS. The new release of Thycotic’s Privilege Manager solution supports both Windows and macOS, and protects the largest, and often most vulnerable, portion of the privileged attack surface: network endpoints.

Protecting endpoints in large, diverse deployments

Thycotic Privilege Manager mitigates critical vulnerabilities on endpoints by removing excess privileges that create entry points for cyberattack. Within a least privilege model, policy-based application control elevates, denies, allows, reduces or quarantines applications automatically so people can continue to do their jobs securely and helpdesk support tickets decrease.

Hundreds of thousands of machines in an enterprise deployment can simultaneously communicate with Privilege Manager, check policies and execute application control 24×7. Enterprises that often provision hundreds or even thousands of devices in a single day can easily install Privilege Manager on all employee servers, workstations, and laptops.

“We’re seeing significant growth in the use of macOS by our customers, and this release showcases our commitment to supporting this critical operating system,” said Jai Dargan, Vice President of Product Management at Thycotic. “Privilege Manager offers key endpoint privilege elevation capabilities for both macOS and Windows.” 

New Privilege Manager macOS features:

  • To control who can execute specific commands, added support for macOS command line filtering and targeting specific commands on macOS using both wildcards and regular expressions. 
  • Network share filters make it easy to target a large set of applications. These can now be added to macOS based policies, allowing admins to use a network share as a location that can be allowed, denied, elevated, etc.
  • New support for macOS Catalina and PKG files for upload  

New Privilege Manager enterprise features:

  • With multiple admin access to the Privilege Manager console, detailed change history can now be tracked for any changes made to a policy, configuration, role, filter, action, approval, and discovery. This provides streamlined support to help pass audits of third-party security products.  
  • Many enterprises have separate UAT/test environments or distributed environments in different geographic locations. The new policy bulk export and import feature, including all of the policy’s dependencies, enables customers to move a proven policy into production or distribute to other environments. This also allows admins to export a complete policy to facilitate troubleshooting when issues occur.

Organizations can evaluate the latest version of Privilege Manager, available both on-premises and in the cloud, with a free 30-day trial.