What's brewing in PAM360?

The PAM360 roadmap provides you with an overview of what we are building currently, and what you can expect in our future releases. We would love your suggestions and feature requests to help us make PAM360 better!

  • Endpoint privilege management (EPM)

    Using EPM, IT administrators can enforce application access controls and manage privileged application access based on user requirements, establish detailed allow-lists and deny-lists for authorized users or applications. This also helps IT admins enable temporary privileged application access during critical situations. These features are powered by ManageEngine's native application control solution, Application Control Plus.

    ReleasedLearn more
  • System for Cross-domain Identity Management (SCIM)

    With the help of the SCIM API protocol, IT administrators can integrate PAM360 with any IAM or IGA tool to perform user management actions like user provisioning and deprovisioning, user role association, and user group allocation. These actions, once triggered in your IAM console, will then reflect within PAM360.


    Administrators will make use of the SDK in various languages such as Java, Python and C# to pull the password from PAM360 vault for their legacy or internal or external applications to get the latest updated password of their privileged accounts. Apart from password retrieval, operations for managing accounts and managing resources will be provided in the SDK.

  • Privileged task automation (PTA)

    PTA helps IT administrators automate repetitive privileged tasks across multiple endpoints and applications, improving operational efficiency. PTA helps perform administrative tasks in a sequence, in parallel, or as a batch in multiple endpoints, such as executing custom SSH and PowerShell scripts, through seamless workflows.

  • Privileged access policy

    An all-new way to manage privileged access within PAM360, with this release IT administrators can set up customizable privilege access policies based on a set of predefined criteria. This criteria might include approval workflow mechanisms, granular access controls, JIT privilege elevation configurations, command and application controls, RemoteApp access, etc.

  • PAM360 agent enhancements

    These enhancements to the PAM360 agent will feature self-upgrade and automatic installation, repair, and restart capabilities without human intervention.

  • Agent-based support for MAC resources

    We aim to extend agent-based features such as endpoint discovery, credential management, and more to all MAC-OS resources.

  • Web session recording

    This update includes recording website connections launched on PAM360. The session recording will be instantly available under Audits after every session.

    In Progress
  • FIPS 140-2

    Along with our FIPS complaint PAM360 installation builds, we will soon be introducing a Bouncy Castle FIPS 140-2 complaint build to harden the security.

  • Cloud Infrastructure Entitlements Management (CIEM)

    This module helps admins enforce least privilege access across multi-cloud environments by providing continuous visibility, improved risk assessment, cleanup the excessive privileges.

  • gRPC API

    In addition to the existing Password Management API list, we are introducing the gRPC API. Using this support, PAM admins and users can perform password operations in Application-to-Application(A-to-A) and Application-to-Database(A-to-DB) with enhanced performance and interoperability.

  • Application gateway server

    Administrators have an option to set up an application gateway server using which they can discover Linux resources from environments that are not directly connected to PAM360. Using this application gateway server, admins can also perform password resets for remote hosts.

  • Flexible TFA support

    Administrators will be able to enable different two-factor authentication options for users based on their needs and preferences.

  • Access review and approval

    Approval authorities will be able to view the access permissions of all the privileged accounts across the organization and review it periodically. Reports will be available for their review and approval process as well.

    Yet to start
  • Policy-based access control (PBAC)

    PAM administrators will be able to create access policies based on the user and device trust score, conditions and criteria. Based on the criteria, administrators can configure actions such as setting a warning message or email, terminating a session, preventing the users from taking sessions in future, and more.

    ReleasedLearn more
  • Cortex XSOAR Integration

    This integration is aimed at enabling administrator to fetch the latest passwords from the PAM360 vault without breaking or changing the workflows created in the XSOAR platform.

    Released Learn more
  • Kubernetes Integration

    This integration helps you to fetch secrets stored in the Kubernetes clusters and manage them from the PAM360 interface—you can fetch, manage, and periodically rotate secrets obtained from multiple Kubernetes clusters. Through the integration, you can achieve collaborative management of the Kubernetes secrets used in your enterprise.

    Released Learn more
  • PAM360 Remote Connect

    Administrators and users of PAM360 are able to take RDP and SSH sessions in a single click via a native client from a windows operating system.

    Released Learn more
  • PAM360 Read-Only Server

    Intending to provide uninterrupted access to passwords, we have introduced another functionality - the Read-Only (RO) server for the PostgreSQL database. Unlike the concept of High Availability, where there will be one Primary server and one Secondary server, the Read-Only server can be configured in multiple. The Read-Only servers function as mirror servers, synchronizing all of the Primary server's operations.

    Released Learn more
  • Periodic discovery of Linux resources and network devices

    Enables administrator to create a periodic account and resource discovery such that he will set a time such as every 5 days, monthly, etc., to discover the new accounts and feed them into PAM360 automatically.

    ReleasedLearn more
  • Agent-based self service privilege elevation for Linux

    Administrators can configure a set of commands/applications such that lesser privileged users can execute/run them in an elevated privilege without knowing the password of that privilege account.

    Released Learn more
  • Agentless SSH command filtering

    PAM administrators will have an option to authorize a set of commands for a particular resource, and users will be allowed to execute only the authorized commands during a remote SSH session. If the user executes any commands other than the configured one, it will throw an error.

    Released Learn more
  • HTTPs Gateway Server

    Administrators will be able to configure their legacy web applications in PAM360, where they can add layers of PAM authentication before accessing the web application via PAM web console without providing direct access to the end users.

    ReleasedLearn more
  • Security Hardening Score in PAM360

    The Security Hardening Score feature validates the customer environment with security options given from PAM360 on a periodical basis to ensure whether the security measures are handled. Security Hardening Score would help the customers to ensure how securely they are using the privileged access management tool in order to avoid external security threats and unforeseen data losses.

    ReleasedLearn more