PAM360 » PAM Glossary

    Certificate authority (CA)

    A certificate authority (CA), also referred to as a certification authority, is a trusted entity that validates the identities of online assets, such as websites or email addresses, owned by organizations through the issuance of electronic documents called digital certificates.

    Read more about certificate authority.


    Certificate discovery

    Certificate discovery or SSL/TLS certificate discovery is the process of discovering all SSL and TLS certificates available in your organizational network.

    Read more about certificate discovery..


    Certificate management

    Certificate life cycle management is the process of monitoring and managing the life cycles—from provisioning and deployment to tracking renewal, use, and expiration—of all X.509 certificates deployed within a corporate network environment.

    Read more about certificate management.


    Certificate signing request

    A certificate signing request (CSR) is when encrypted data is sent to a certificate authority (CA) by an organization requesting a new SSL/TLS certificate.

    Read more about certificate signing request.


    Enterprise password vault

    Password vaulting helps eliminate password fatigue by automating the best practices of privileged access management (PAM), such as password generation, creation, rotation, monitoring, and deletion, thereby improving the operational efficiency.

    Read more about enterprise password vault.


    Enterprise remote access

    Enterprise remote access is a security strategy that provides authorized users access to critical resources like servers, databases, and applications beyond their local network.

    Read more about enterprise remote access.


    Least privilege access

    Least privilege, at its core, aims to condense an organization’s attack surface by reducing the number of access pathways leading to privileged systems.

    Read more about least privilege access.


    Linux password management

    Attackers no longer need sophisticated methods to breach data; they can simply take unfair advantage of compromised or weak root accounts to gain access to sensitive information.

    Read more about linux password management.


    Linux PAM

    This article will discuss the basics and essential tips for efficient Linux privileged access management.

    Read more about linux PAM.


    Machine identity management

    Machine identity management (MIM) is the process of managing the digital identities of machines, such as computers, servers, IoT devices, and workloads such as scripts, webpages, virtual machines etc. This includes the discovery, issuance, storage, and revocation of machine certificates and keys.

    Read more about machine identity management.


    Password generator

    Password generators are designed not only to eliminate weak, vulnerable passwords, but also to help in complying with password policies and privacy standards.

    Read more about password generator.


    Password Management

    Password management is the process of securing and managing passwords throughout their life cycle from creation to closure by adhering to a set of sustainable practices.

    Read more about password management.


    POODLE attack

    The POODLE attack exploits the loopholes in the legacy encryption standards to steal sensitive data and passwords anonymously.

    Read more about POODLE attack.


    Principle of least privilege (PoLP)

    The principle of least privilege (PoLP) is an information security framework that aims to provide users, accounts, and processes with the minimum level of access or permissions required to perform their tasks, for just the required amount of time.

    Read more about principle of least privilege.


    Privilege elevation and delegation management (PEDM)

    PEDM is a part of privileged access management (PAM), which is designed to provide non-admin users with temporary, granular privileges based on their requirements.

    Read more about privilege elevation and delegation management.


    Privileged identity management (PIM)

    Privileged identity management (PIM) is a part of privileged access management (PAM) process. PIM involves a set of security controls to monitor, control, and audit access to privileged enterprise identities including service accounts, database accounts, passwords, SSH keys, digital signatures, and so on.

    Read more about privileged identity management.


    Privileged access management (PAM)

    Privileged access management (PAM) refers to a set of IT security management principles that help businesses isolate and govern privileged access, control who can be given what level of administrative access to which endpoints, and monitor what authorized users do with that access.

    Read more about PAM.


    Privileged account and session management (PASM)

    Privileged account and session management (PASM) is a class of privileged access management that provides users with administrative access to critical accounts and business-sensitive endpoints, such as data centers, databases, and applications, via remote sessions.

    Read more about privileged account and session management


    Privileged account monitoring

    Privileged accounts are the heartbeat of any organization, and if left unmonitored, data breaches, downtime, failed compliance audits, and the exposure of privileged credentials can result.

    Read more about privileged account monitoring.


    Privileged session management

    A privileged session is an internet session launched by a user with administrative privileges while accessing a system, device, or application in the IT infrastructure—either locally or remotely—and comprises all the activities carried out during that session.

    Read more about privileged session management.


    Privileged account management

    Privileged account management is a part of identity and access management (IAM) that deals exclusively with the protection of privileged accounts in an enterprise, including those of operating systems, databases, servers, applications, virtual machines, and networking devices.

    Read more about privileged account management.


    Privileged identity

    Users with access to a privileged identity have access to critical controls like system security settings, admin functions, credential management features, break-glass configurations, data center management features, etc.

    Read more about privileged identity.


    Privilege escalation

    Privilege escalation is a type of cyberattack where non-administrative users gain elevated access to take unauthorized control over high-value assets.

    Read more about privilege escalation.


    Role-based access control

    Role based access control (RBAC) expressly assigns users permissions depending on certain responsibilities in an organisation. Roles and privileges are key to the idea of role-based access control, which allows only authorised users (subjects) to carry out privileged operations on important resources (objects).

    Read more about role based access control.


    Secrets management

    Secrets management is the process of storing, managing and controlling access to credentials that are used by devops, RPA and other enterprise processes.

    Read more about secrets management.


    Secure remote access

    Secure remote access refers to an IT security strategy that allows authorized, controlled access to an enterprise network, mission-critical systems, or any confidential data.

    Read more about secure remote access.


    Self-signed certificate

    Businesses use SSL/TLS certificates to secure their communication channels by encrypting data in transit. These certificates are usually signed and attested by a trusted, public certificate authority (CA). In some cases, businesses self-sign a few certificates. Such certificates are called self-signed certificates.

    Read more about self-signed certificates.


    Service account management

    Service accounts are privileged domain accounts, which are used by critical applications or services to interact with their operating systems, and to execute batch files, scheduled tasks, and applications hosted across databases, file systems, and devices.

    Read more about service account management.


    SSH key management

    SSH (Secure shell) keys are authentication credentials in the SSH protocol. Technically, they are cryptographic keys responsible for encryption, but functionally they work in ways very similar to passwords. Within an enterprise, SSH keys are primarily used to grant secure access to remote systems.

    Read more about SSH key management.


    SSL certificate

    An SSL certificate, also known as a public key certificate, is a cryptographic file installed on your web server that helps establish secure, encrypted online communication.

    Read more about SSL certificate.


    SSL certificate management

    SSL certificate management is the process of monitoring and managing the life cycles—from acquisition and deployment to tracking renewal, usage, and expiration—of all SSL certificates deployed within a network.

    Read more about SSL certificate management.


    TLS/SSL handshake

    The TLS/SSL handshake is a cryptographic process that happens whenever a client tries to establish a connection with the server. This handshake protocol powers the secure connection between the client and the server which facilitates privacy, data integrity, and confidentiality.

    Read more about TLS/SSL handshake.


    Zero standing privileges (ZSP)

    Zero standing privileges is an IT security approach that eliminates permanent access privileges, also known as standing privileges. This helps organizations reduce their attack surface and mitigate the risk of privilege abuse attacks.

    Read more about zero standing privileges.