ManageEngine upgrades PAM360 with AI-driven cloud access controls
The updated PAM360 platform now includes AI-governed cloud access policy recommendations and a privileged task automation module, which is enabled through Qntrl, Zoho's workflow orchestration platform. These additions are intended to help organisations automate administrative routines, enforce the principle of least privilege at scale, and decrease security risks through automated remediation processes.
PAM360's Cloud Infrastructure Entitlement Management (CIEM) module now benefits from AI enhancements that facilitate the creation of intelligent least privilege policies and offer risk remediation policy recommendations. This improvement aims to provide organisations with greater control over access governance, particularly as the number of both human and non-human digital identities grows in complex, hybrid and multi-cloud environments.
ManageEngine referenced findings from its 2024 Identity Security Insights report to highlight the demand for more advanced security controls. According to the company, "68 per cent of the respondents are looking for AI-driven improvements in risk-based access control."
Ramanathan Kannabiran, Director of Product Management at ManageEngine, commented on the challenges facing organisations as they address access management in diverse digital ecosystems.
He stated, "Today's hybrid, multi-cloud environments have led to an explosion of human and non-human identities, creating complex access workflows and rampant privilege sprawl. To tackle this, organisations require dynamic policies that can intelligently enforce the principle of least privilege across their identity stack. With the AI-driven CIEM module in PAM360, IT security teams can now generate intelligent least privilege policies, proactively flag risky entitlements and automate remediation, helping enterprises close critical identity security gaps before they're exploited."
The updated CIEM module in PAM360 can now generate AI-driven least privilege policies, automate remediation of shadow admin risks, and provide real-time access and session summaries. These features are intended to enable organisations to address issues such as access sprawl and misconfigurations in complex IT environments with lower reliance on manual intervention.
ManageEngine is also introducing new automation controls through its partnership with Qntrl, which powers the new privileged task automation feature in PAM360. Historically, automation in business workflows - such as robotic process automation (RPA) or script-driven routines - has relied on manual access provisioning, which can introduce delays and increase the risk of errors and privilege misuse.
Kannabiran explained the impact of the new automation module, noting, "Privileged task automation in PAM360 eliminates the need for administrators to manually grant and revoke necessary access privileges for every automated routine. Access is provisioned just in time, based on the task context, and revoked automatically once the task ends. This not only preserves admin bandwidth, but also reduces the risk of privilege misuse caused by excessive or standing access."
Through deep integration within the Zoho ecosystem, PAM360's automation capabilities are designed to function natively, removing the necessity for other third-party automation tools. The platform now offers streamlined vendor access with automated onboarding and offboarding, provisions temporary just-in-time access with fine-grained controls, and supports secure, hands-free transfers of privileged data. The aim is to increase operational speed and consistency while reducing security risks.
ManageEngine stated that PAM360 is intended to enforce stronger governance of access to sensitive corporate assets, supporting both core privileged access management requirements and integration with other IT management tools. According to the company, the platform is used by over 5,000 organisations and more than one million administrators globally.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
4 days ago
- Techday NZ
Endpoint Central users save $4.5 million with 442% ROI in study
ManageEngine has released the findings of a Total Economic Impact study, conducted independently by Forrester, evaluating the financial and operational impact of its Endpoint Central unified endpoint management and security platform over a three-year period. Return on investment The research showed that organisations using Endpoint Central realised a return on investment of 442% within three years, with a payback period of less than six months. According to the study, customers obtained $4.5 million in total benefits during the analysed timeframe, with a net present value of $3.7 million attributed to the platform's deployment. The Total Economic Impact study was based on interviews with four customers, supported by financial modelling to represent a composite organisation. "We've always aimed to deliver meaningful outcomes through Endpoint Central, and it's rewarding to see those results consistently reflected in our customers' experiences - and now quantified in this TEI study," said Mathivanan Venkatachalam, Vice President of ManageEngine. "Many of our customers have significantly reduced operational overhead and administrative burden by replacing multiple tools with Endpoint Central. That's exactly the kind of outcome Endpoint Central was built to deliver." Efficiency gains The study highlighted several operational efficiencies gained by adopting Endpoint Central. One area was the reduction in manual patching effort, with organisations achieving up to 95% less manual intervention due to automated patch management. This improvement produced productivity gains estimated at $913,000 over three years. The consolidation of legacy tools onto the Endpoint Central platform was found to yield savings exceeding $1 million across the three-year period reviewed. Further benefits included the implementation of secure self-service utilities and remote troubleshooting, which decreased help desk workloads and contributed to improved end-user productivity. ManageEngine's endpoint management system also enhanced visibility and control over hardware and software assets, and enabled more efficient reclamation of unused licences. The study noted that automation of endpoint analytics and reporting led to the elimination of manual report generation processes. Compliance and security improvements According to the Forrester study, Endpoint Central enabled IT teams to better support users across distributed geographies and hybrid work models, through its unified management capabilities. Organisations reported experiencing more stable endpoints and reductions in user downtime and service disruptions. Improvements in compliance and cyber security were also observed. An IT director from the software services sector quoted in the study stated, "Our compliance rate of devices went from 70% to more than 95% after using Endpoint Central. Devices are much more stable and easier to manage. We were even able to save cyber insurance costs due to this increased security posture." Consolidation and visibility Respondents indicated that the consolidation of endpoint management solutions via Endpoint Central contributed not only to cost savings but also to streamlined operations. Real-time visibility and administration of both software and hardware inventories were cited, as well as the benefit of eliminating unnecessary or redundant licences. The study also noted that automating management routines, such as patch deployment and report generation, allowed IT staff to focus more on strategic initiatives, rather than repetitive administrative tasks. Customers interviewed for the study commented on improvements to employee experience, with lower incident rates and faster support times following the adoption of unified management and remote troubleshooting features. The Total Economic Impact study, conducted by Forrester Consulting, was commissioned to analyse and quantify the value delivered to organisations by ManageEngine's Endpoint Central platform, based on real-world customer experiences and independently derived financial models.
Techday NZ
6 days ago
- Techday NZ
Exclusive: ManageEngine's Vinayak Sreedhar highlights AI adoption challenges
Australian and New Zealand businesses are racing to adopt artificial intelligence, but many are struggling to manage its human and organisational impacts, according to new data from ManageEngine's Navigating AI Anxiety: A/NZ Organisations in 2025 report. The study, based on responses from 300 ICT professionals across Australia and New Zealand, shows that while 93% of organisations have adopted AI - 61% at a company-wide level - serious concerns remain. More than half of respondents (57%) feel anxious about integrating AI, and 97% say their organisation lacks some form of AI-related skill, particularly in areas such as machine learning, AI governance, and model training. Vinayak Sreedhar, Country Head at ManageEngine for ANZ, said the results reflect a growing tension between AI enthusiasm and readiness. "It's a very startling kind of data," he said. "There's a high level of adoption, yet a lot of apprehension. This primarily comes down to a skills issue." The skill gap behind AI anxiety The report reveals that while 63% of respondents feel they cannot afford to ignore AI, only two-thirds believe their AI leaders are truly up to speed. Sreedhar said this disconnect is fuelling workplace stress and uncertainty. "There seems to be inadequate AI governance and training from the employer's perspective," he said. "Many organisations today lack formal training sessions and clear policies." This anxiety is already taking its toll. The report found that 59% of respondents frequently feel stressed about keeping up with AI changes, 34% feel their job security has decreased, and 31% report experiencing more anxiety or burnout at work. To combat this, Sreedhar emphasised the need for frequent and inclusive training. "One or two sessions won't cut it," he said. "Training has to happen in a continuous loop, with clear milestones and constant communication." Organisations are responding, with many turning to practical, hands-on strategies. According to the report, 41% are relying on on-the-job AI learning, 38% on mentorship and coaching, and 37% on in-house workshops. "You need to keep briefing your internal teams, hear out their concerns, and address them along the way," Sreedhar said. Involving employees and building trust Sreedhar stressed that employee involvement is key to a successful AI rollout. "This cannot be a siloed project driven by a few folks," he said. "You need to engage functional leaders across departments and maintain transparency about what you're trying to achieve." Failing to include employees in the process, he warned, is a "recipe for failure." Resistance, disengagement, and even project collapse are real risks when staff are not on board. "The success of any product depends on how well it is adopted. If there's resistance from the larger workforce, we don't see such products being successful." Organisations are trying to bridge this gap. The report shows that 39% are now using AI to support - not replace - human roles, while 36% are promoting continuous learning and adaptability. Another 35% are actively providing training to boost AI-related skills. Despite the challenges, 67% of employees reportedly trust the output of AI tools used by their organisation, and 75% believe implemented strategies are helping staff incorporate AI into workflows. Ethics, cybersecurity and the risks of rushing Sreedhar also highlighted the dangers of rushing into AI adoption without proper frameworks. "A poorly implemented AI system is potentially a cybersecurity nightmare," he said. "You have to be extremely vigilant." The report reveals 43% of respondents are concerned about the lack of a clear plan to manage AI's human impact, and 42% worry about the potential for misuse by malicious actors. Half of respondents say their organisation's AI governance includes data privacy and security controls, but 40% of SMBs admit they lack the ability to monitor employees' use of BYO AI tools. From a cybersecurity standpoint, the skills gap can further expose businesses to threats. "If employees are not trained, they may unknowingly compromise data integrity," Sreedhar said. "Ignorance leads to issues." Ethical leadership is also essential. "Leadership must lead by example," Sreedhar explained. "They need to set standards around fairness, transparency and accountability." A comprehensive AI strategy, Sreedhar said, must include alignment with business goals, strong data governance, and continuous performance evaluation. "Any rushed decision-making will lead to regret somewhere down the line," he said. "You have to take your time."
Techday NZ
7 days ago
- Techday NZ
BeyondTrust launches Secrets Insights to tackle hidden identity risks
BeyondTrust has announced the expansion of its Identity Security Insights solution with the introduction of Secrets Insights, designed to address vulnerabilities arising from secrets and non-human identities. According to recent Identity Security Risk Assessments completed by BeyondTrust across various industries and organisational sizes, significant gaps have been discovered in current identity security postures. The findings reveal dormant service accounts with privilege in more than 70% of assessed environments. Additional issues include overly permissive Entra Service Principals, which can create direct pathways to Global Admin privileges, thereby endangering Microsoft 365 environments. The assessments also found that credentials are frequently reused across multiple service accounts by administrators, compounding the risks posed by a single compromised password. In the realm of privilege escalation, the report observes that low-privileged users are able to gain administrative access across Active Directory, Entra, AWS, Okta, and GitHub due to hidden escalation paths rooted in configuration errors, federation processes, and synchronisation. AD Service accounts that connect on-premises and cloud environments, particularly those with privileged Entra roles, were also identified as potential cross-platform attack vectors. The review highlighted further weaknesses, such as inadequate GitHub repository access management. This can lead to uncontrolled and unauthorised access to sensitive code and secrets, with personal GitHub accounts exacerbating the risk. "These identity infrastructure issues aren't just misconfigurations, they're invitations. Our Identity Security Risk Assessment data shows that many organisations lack the complete story when it comes to their identity attack surface. For many, overlooked hygiene issues silently open the door to attackers. And with the rise of Agentic AI, the stakes have never been higher, especially as most organisations lack visibility into how compromised accounts can be leveraged to seize control of application secrets, which often carry elevated privileges," said Marc Maiffret, CTO at BeyondTrust. Agentic AI systems, which autonomously interface with infrastructure and provision access, are predicted to amplify the risks associated with unmanaged secrets and non-human identities. As organisations adopt these AI-driven systems, the potential for abuse of hidden privileges and secrets grows, underscoring the need for enhanced oversight. The new Secrets Insights feature is intended to provide this visibility. It builds upon the existing capabilities of BeyondTrust's Identity Security Insights platform, which allows organisations to monitor identity risk across Active Directory, Entra ID, AWS, Azure, Google Cloud Platform, Okta, Ping Identity, and GitHub. With Secrets Insights, users can discover API keys, service account credentials, tokens, and similar assets across both cloud and on-premises setups, including within vaults, thereby mapping previously unmonitored access vectors. Key benefits Secrets Insights offers a number of core functions: discovery of unmanaged secrets throughout cloud and on-premises environments; identification of users with both direct and indirect access to these secrets; risk scoring and prioritisation focused on levels of exposure and privilege; and integration with BeyondTrust Password Safe, which automates remediation tasks. Maiffret commented on the next steps for the sector: "As organisations embrace automation and Agentic AI, securing the invisible layers of access - secrets, tokens, and service identities - will define the next frontier of identity security." Secrets Insights is scheduled to become available later this year. As part of its ongoing initiatives, BeyondTrust provides complimentary Identity Security Risk Assessments for qualified organisations. These assessments can be completed in under 48 hours and are intended to help organisations identify hidden privileges and secret-related risks, supporting steps towards reducing standing privilege and enabling just-in-time access.
