<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Curious about how StrongDM works? 🤔 Learn more here!
Search
Close icon
Search bar icon

PAM Was Dead. StrongDM Just Brought it Back to Life.

StrongDM manages and audits access to infrastructure.
  • Role-based, attribute-based, & just-in-time access to infrastructure
  • Connect any person or service to any infrastructure, anywhere
  • Logging like you've never seen

I’m not an angry person. I’m not an agitator. And even though it’s on my Amazon Wish List, I don’t currently own a cape. But when I see a wrong in the world, I feel that it’s my duty to right that wrong.

And something is terribly, terribly wrong with PAM.

That’s a bold, broad statement, and I’ll grant you that it’s coming from a guy with a product to sell. But I have seen far too much bad behavior on the part of legacy PAM vendors who pitch an obsolete product that not only can’t deliver on its promise, but also makes enterprises more vulnerable. You read that right. Legacy PAM, which fits squarely into the “cybersecurity” category irrespective of whose quadrant, circle, or triangle you trust, makes organizations less secure. 

I can’t accept that. And you shouldn’t have to.

There is no sitting idly by watching security teams be forced to use a 20th century access management solution, one that was built for static on-premises data centers when much of their world is now built on dynamic, distributed, and multi-cloud ecosystems that demand real-time, dynamic security.

The idealist in me sees the need to fix this. The capitalist sees a massive business opportunity. And the technologist knows that it can be done. So, at StrongDM, we did it – we fixed PAM. We recognized that the need for a PAM is essential. Controlling and managing access to enterprise systems is the most important pillar of effective enterprise security. But we saw that there was a better and more effective way to do it, one that fortifies security while simultaneously delivers a frictionless user experience. 

StrongDM Goes Global, Gets Series C, and Changes the PAM Game

It turns out that security influencers and market-makers recognize this essential need as well, which is why we are proud to announce that our Series C round was led by Anchor Capital, with participation from new investors Cisco Investments, Capital One Ventures, Frontline Ventures, and Singtel Innov8, as well as existing investors including GV, Sequoia Capital, and True Ventures. The participation from these investors underscores a major commitment to reshaping enterprise security with Zero Trust Privileged Access Management (PAM).

Our investors, customers, partners, analysts, and industry thought leaders have cited a number of reasons why they’re bullish on our Zero Trust PAM platform: 

CISO’s demand for a next generation PAM solution 

PAM was originally built for a time when it was easy to manage the privileges of a select few, but times have changed. 

In today’s cloud-based, ephemeral environments, legacy PAM has glaring limitations that create security risk and prevent rapid, accurate access management for the right users. Essential IT activities like cloud migration and infrastructure security no longer rest solely in the hands of a few highly privileged super admins. As enterprise technology is increasingly democratized, there are more technical users in all departments, which means the security risks are higher, too. 

Legacy solutions do not provide the necessary capabilities to securely and effectively address the modern requirements for privileged access management, and are stuck in an overly complex, vault-centric world. They are built to address access as a one-off event, and do not provide the necessary insights for administrators and security teams to investigate and address user behavior post-access. This leaves major security and compliance gaps that actually create additional layers of vulnerability for enterprises.

In essence, legacy PAM solutions over-index on access. StrongDM uses the principles of Zero Trust to evaluate and govern every action, no matter how minor - where each command, query, or configuration change is evaluated in real-time against dynamic policies that adapt to the context of the user, the sensitivity of the action, and the prevailing threat landscape. 

As a result, we’ve changed the meaning of PAM. With our Zero Trust approach, we champion full visibility, session-based control, and comprehensive audit trails across your entire infrastructure. We believe this can only be achieved with frustration-free access because it fosters high adoption rates while enhancing security and productivity. This is done through simple, low-latency, and contextual access policy management and enforcement; its essence is granular control over actions - all actions, and this is manifested through precise, dynamic privileged action control for every infrastructure or application.

StrongDM’s Zero Trust PAM is, undeniably, the new PAM.

The need for a better access solution NOW

All of our investors recognize Zero Trust PAM as an “emerging” category, but the more important aspect is that StrongDM has built it, is delivering it, and that the market opportunity is…every organization that requires access to internal resources. In other words, every organization needs to do access better and promise a demonstrably more effective and secure outcome for its users. As of now, only StrongDM is able to provide that because we are setting a new standard that legacy PAM solutions refused to create over the past decade. 

Dynamic, action-oriented security is required for today’s enterprise environments. Control based on enforcement of policies transforms not just how organizations protect their assets but also how their IT organizations operate. It paves the way for a new era of operational agility where security measures no longer hinder productivity but enable it. This gives developers and IT professionals an operating model within a seamless environment that offers both the freedom to innovate and the assurance that every action is safe by design.

Zero Trust PAM is the new model, and we’re delivering it now. This isn’t an add-on solution. We’re enabling enterprises to improve security controls for critical infrastructure and resources through micro-authorizations, contextual awareness, and enforcement of policies. The result is multidimensional protection of managed enterprise resources through granular, continuous assessment and authorization for privileged users. 

The need for a better access solution EVERYWHERE

Our investors in this Series C round want to see rapid adoption of Zero Trust PAM, and part of their investment is aimed at helping us optimize our brand in new markets. Cisco has always been a prescient observer of technology categories and recognizes how to capitalize where there is opportunity.  And Anchor Capital brings together a network of experienced investors who are guiding some of tech’s most innovative companies. 

The need for a better PAM has no boundaries or borders, and an interesting aspect of this funding round is the global acceleration it provides us. Our investors cite the increasing demand for an alternative to the enduring pain of legacy PAM solutions felt by organizations across the world, so Singtel Innov8 (based in Singapore) will give us a significant foothold in the Asia-Pacific region, while Frontline Ventures (based in London and Dublin) will help facilitate go-to-market operations in EMEA, and will support StrongDM’s new engineering center of excellence which we are building in Poland.

PAM was broken. We fixed it.

What we’re doing isn't just about improving access; it's about preventing breaches before they happen. The StrongDM Zero Trust approach extends everything about infrastructure activity beyond initial access, by offering continuous protection throughout the entire session. This provides a way for users to create and apply policies that govern authorization in real time, which simplifies the process of proving regulatory compliance. By integrating comprehensive audit trails, we ensure that every action is recorded with precision. This provides unprecedented oversight and enforcement of security policies, creating an environment that is simple, agile, and secure.

We’re grateful to have such dynamic partners in this journey, and we appreciate the work done by Capital One Ventures, Cisco Investments, Frontline Ventures, Singtel Innov8, GV, Sequoia Capital, True Ventures, and all of our customers and partners who are dedicated and supportive in our mission. 


About the Author

, Chief Executive Officer (CEO), before joining StrongDM, Tim founded Evident.io—the first real-time API-based cloud security platform. In 2018, Palo Alto Networks (PANW) acquired Evident.io, and Tim joined the executive team at PANW. As the first Chief Cloud Officer, Tim helped outline GTM and product strategy with the C-suite for the cloud business. Tim also served as the principal architect for Adobe's Cloud Team, designing and scaling elastic AWS infrastructure to spark digital transformation across the industry. Tim’s love for innovation drives his interest as an investor in true market disrupters. He enjoys mentoring startup founders and serving as an advisor.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

Privileged Access in the Age of Cloud Authentication & Ephemeral Credentials
Privileged Access in the Age of Cloud Authentication & Ephemeral Credentials
The way that people work continues to evolve, and as a result, so do the ways that they must authenticate into their organization’s resources and systems. Where once you simply had to be hardwired into the local office network, now you must expand your perimeter to include remote and hybrid workforces, on-prem and cloud environments, and take into account a growing list of factors that impact how and where people access critical company resources.
9 Privileged Access Management Best Practices
9 Privileged Access Management Best Practices
Understanding the pillars of access control and following best practices for PAM gives you a roadmap to an implementation that is secure and comprehensive with no security gaps. This article contains nine essential privileged access management best practices recommended by our skilled and experienced identity and access management (IAM) experts.
Vendor Access Management (VAM) Explained
Vendor Access Management (VAM) Explained
Vendor Access Management (VAM) is the systematic control and oversight of vendor access to an organization's systems, applications, and data. It involves processes such as onboarding and offboarding vendors, utilizing solutions for Just-in-Time access, ensuring security, and streamlining workflows to minimize operational inefficiencies.
How to Meet NYDFS Section 500.7 Amendment Requirements
How to Meet NYDFS Section 500.7 Amendment Requirements
The New York Department of Financial Services (“NYDFS”) Cybersecurity Regulation is a set of comprehensive cybersecurity requirements that apply to financial institutions operating in New York. The goal of the regulation is to ensure that the cybersecurity programs of financial institutions have robust safeguards in place to protect customer data and the financial sector.
The Access Management Bill of Rights