If you are an XTAM customer, it might seem like our dedicated team of software developers never stop working to add in new PAM features. With a weekly release schedule, our developers issued 52 product updates last year. Each update may include product enhancements, new features, bug fixes and more as well as supporting documentation, release notes, FAQs and a weekly blog.
It may seem like a lot, but we would not have it any other way. We are strong believers in the agile development method and it’s part of our company philosophy. In fact, I have been using the agile method for over 10 years and have seen how it benefits both the development team and customers.
Using agile development allows us to continuously advance the XTAM product and rapidly meet changing security requirements. We are able to incrementally add new features and receive customer feedback as soon as possible. Our development team is able to adjust based on user needs and priorities. This allows us to better support our customers, quickly respond to the evolving security landscape and deliver the best PAM software possible.
The weekly schedule allows XTAM users to have greater transparency on product developments. Users can better plan and select the updates they want to leverage. On average the updates take only a few minutes to install and ensure your software is always up to date.
As we reflect on the release updates from 2019, here is a list of the 10 most significant features or enhancements added to XTAM over the last 12 months.
- RDP Proxy
XTAM users can create secure, high trust, password-less remote sessions to their managed Windows endpoints using your native desktop or mobile RDP clients. XTAM added the ability to create RDP proxy sessions directly from your desktop or mobile device without downloading or installing any agents, custom launchers or deployment packages. The RDP Proxy connect using native RDP clients: mstsc, mRemoteNG, mobile RDP, etc. Read our FAQ on creating secure RDP proxy sessions
- MFA for Native Clients: PuTTY, RDP, mstsc, WinSCP, FileZilla, etc
Maintain strict enforcement of user authentication with multifactor authentication (MFA) even when using native client applications like PuTTY, Remote Desktop, WinSCP, FileZilla and others.
- Domain Account Management (service, scheduled tasks, IIS app pool)
Many times, the passwords associated with Service, Scheduled Tasks and IIS App Pools accounts are never updated due to the difficulty in maintaining all the dependencies. Using XTAM, managing these accounts, both local or domain, can be done with relative ease ensuring that passwords are set to complex strings and automatically rotated to maximize your IT security. Read our FAQ on How To Manage a Domain Account used as a Windows Service Account
- Custom Reports
The XTAM Report library comes standard with many of today’s most desired information including Audit Logs, Inventory, Job History and Sessions. This year we added the ability for System Administrators to create their own custom reports built to their specific requirements using common reporting formats and detailed column data. Read our FAQ on Custom Reports
- KeePass Import
Customers who are transitioning from other password management products like KeePass will find our new Import engine extremely useful. When importing from native KeePass files, XTAM will automatically rebuild folders and records, including key attachments, descriptions and other valuable information making the build out of your new XTAM vaults as easy as clicking a single button. Read our FAQ on How to import from KeePass
- DevOps: tokens and user management on containers, CLI (lock, unlock, request)
In 2019 we expanded XTAM’s capabilities to better support DevOps and Application Management. The product now allows container owners to manage their own user directory, applications and API tokens. This allows System Administrators, who used to have this sole responsibility, to delegate control to Team or Department managers to maintain their own level of security. Learn more about PAM Solutions for DevOps and Application to Application Password Management
- Virtual MFA
MFA authentication is typically associated with individual user accounts where the user maintains control of their secondary device, like a mobile phone, to generate personal codes. However, the benefits can be further extended to shared administrative accounts too. The difficulty with MFA enforced on shared accounts is simply that several users cannot possess the same secondary device. With XTAM, you can now securely store your MFA secret key and generate on-demand or ‘just in time’ codes that can be used for shared accounts where MFA is required. Learn how to Generate and Share Virtual MFA TOTP Tokens
- Anonymous links
The introduction of Anonymous Links in XTAM solved a complex problem with a simple solution. Many times people need to safely share passwords and secrets, but they are often done using insecure methods like email or messaging services. XTAM can now generate secure single use, multiple use or self-destructing unique links that can be accessed from anywhere to safely share secrets that are maintained within its Vault. Learn more about anonymous links
- Multi-level proxy access
For customers with isolated or remote customer environments, XTAM has been extended to easily manage devices located in these networks including the ability to support task execution like password rotation and remote sessions, both web-based and native clients applications.
- Scheduled email delivery for reports
XTAM now includes the option to subscribe to automated email delivered reports. Users can receive them periodically as PDF or CSV email attachment. This allows administrators, auditors and owners to monitor the vital network activities, detect anomalies or discover problem areas without logging in to the system. These automatically emailed reports can be delivered daily, weekly or monthly and can be associated to system-wide, vault, folder or record level objects, including report parameters and filters.
In addition to our top 10 features added in 2019, we have a few additional honorable mentions:
- Integration with ServiceNow that automatically updates Incident History with XTAM events.
- SQL and HTTP Traffic recording for greater insight and managerial review of more privileged sessions.
- Native YubiKey authentication to increase enforcement of MFA requirements.
- Introduced a new session Risk Score option to provide a measurable indication of events generated during each privileged session.
- SSH Key Management to ensure key can be stored and rotated as needed for managed endpoints.
In 2020, you can follow all of our weekly product releases here at the Xton blog. We publish the weekly updates very Monday morning. We welcome customer feedback on the releases and PAM features. We look forward to continuing to enhance and deliver the best PAM software available in 2020.