PAM360 » PAM Glossary

    Certificate authority (CA)

    A certificate authority (CA), also referred to as a certification authority, is a trusted entity that validates the identities of online assets, such as websites or email addresses, owned by organizations through the issuance of electronic documents called digital certificates.

    Read more about certificate authority.


    Certificate discovery

    Certificate discovery or SSL/TLS certificate discovery is the process of discovering all SSL and TLS certificates available in your organizational network.

    Read more about certificate discovery..


    Certificate management

    Certificate life cycle management is the process of monitoring and managing the life cycles—from provisioning and deployment to tracking renewal, use, and expiration—of all X.509 certificates deployed within a corporate network environment.

    Read more about certificate management.


    Certificate signing request

    A certificate signing request (CSR) is when encrypted data is sent to a certificate authority (CA) by an organization requesting a new SSL/TLS certificate.

    Read more about certificate signing request.


    Enterprise password vault

    Password vaulting helps eliminate password fatigue by automating the best practices of privileged access management (PAM), such as password generation, creation, rotation, monitoring, and deletion, thereby improving the operational efficiency.

    Read more about enterprise password vault.


    Least privilege access

    Least privilege, at its core, aims to condense an organization’s attack surface by reducing the number of access pathways leading to privileged systems.

    Read more about least privilege access.


    Linux password management

    Attackers no longer need sophisticated methods to breach data; they can simply take unfair advantage of compromised or weak root accounts to gain access to sensitive information.

    Read more about linux password management.


    Password generator

    Password generators are designed not only to eliminate weak, vulnerable passwords, but also to help in complying with password policies and privacy standards.

    Read more about password generator.


    Password Management

    Password management is the process of securing and managing passwords throughout their life cycle from creation to closure by adhering to a set of sustainable practices.

    Read more about password management.


    POODLE attack

    The POODLE attack exploits the loopholes in the legacy encryption standards to steal sensitive data and passwords anonymously.

    Read more about POODLE attack.


    Principle of least privilege (PoLP)

    The principle of least privilege (PoLP) is an information security framework that aims to provide users, accounts, and processes with the minimum level of access or permissions required to perform their tasks, for just the required amount of time.

    Read more about principle of least privilege.


    Privilege elevation and delegation management (PEDM)

    PEDM is a part of privileged access management (PAM), which is designed to provide non-admin users with temporary, granular privileges based on their requirements.

    Read more about privilege elevation and delegation management.


    Privileged identity management (PIM)

    Privileged identity management (PIM) is a part of privileged access management (PAM) process. PIM involves a set of security controls to monitor, control, and audit access to privileged enterprise identities including service accounts, database accounts, passwords, SSH keys, digital signatures, and so on.

    Read more about privileged identity management.


    Privileged access management (PAM)

    Privileged access management (PAM) refers to a set of IT security management principles that help businesses isolate and govern privileged access, control who can be given what level of administrative access to which endpoints, and monitor what authorized users do with that access.

    Read more about PAM.


    Privileged account and session management (PASM)

    Privileged account and session management (PASM) is a class of privileged access management that provides users with administrative access to critical accounts and business-sensitive endpoints, such as data centers, databases, and applications, via remote sessions.

    Read more about privileged account and session management


    Privileged account monitoring

    Privileged accounts are the heartbeat of any organization, and if left unmonitored, data breaches, downtime, failed compliance audits, and the exposure of privileged credentials can result.

    Read more about privileged account monitoring.


    Privileged session management

    A privileged session is an internet session launched by a user with administrative privileges while accessing a system, device, or application in the IT infrastructure—either locally or remotely—and comprises all the activities carried out during that session.

    Read more about privileged session management.


    Privileged account management

    Privileged account management is a part of identity and access management (IAM) that deals exclusively with the protection of privileged accounts in an enterprise, including those of operating systems, databases, servers, applications, virtual machines, and networking devices.

    Read more about privileged account management.


    Privileged identity

    Users with access to a privileged identity have access to critical controls like system security settings, admin functions, credential management features, break-glass configurations, data center management features, etc.

    Read more about privileged identity.


    Secure remote access

    Secure remote access refers to an IT security strategy that allows authorized, controlled access to an enterprise network, mission-critical systems, or any confidential data.

    Read more about secure remote access.


    Self-signed certificate

    Businesses use SSL/TLS certificates to secure their communication channels by encrypting data in transit. These certificates are usually signed and attested by a trusted, public certificate authority (CA). In some cases, businesses self-sign a few certificates. Such certificates are called self-signed certificates.

    Read more about self-signed certificates.


    Service account management

    Service accounts are privileged domain accounts, which are used by critical applications or services to interact with their operating systems, and to execute batch files, scheduled tasks, and applications hosted across databases, file systems, and devices.

    Read more about service account management.


    SSH key management

    SSH (Secure shell) keys are authentication credentials in the SSH protocol. Technically, they are cryptographic keys responsible for encryption, but functionally they work in ways very similar to passwords. Within an enterprise, SSH keys are primarily used to grant secure access to remote systems.

    Read more about SSH key management.


    SSL certificate

    An SSL certificate, also known as a public key certificate, is a cryptographic file installed on your web server that helps establish secure, encrypted online communication.

    Read more about SSL certificate.


    SSL certificate management

    SSL certificate management is the process of monitoring and managing the life cycles—from acquisition and deployment to tracking renewal, usage, and expiration—of all SSL certificates deployed within a network.

    Read more about SSL certificate management.