Cmd.com will be migrated to Elastic.co shortly.
See and Manage Privileged Sessions on Production Linux
When you need to see or manage production session access to resolve an incident or carry out a critical task, you can’t be slowed down by dinosaur-era PAM. Cmd gives users the privileges they need, when they need it, with full audit & granular control.
Trusted by Great Companies
# PAM in the cloud is just…
different
Take a look at your privileged session management or even privileged access management (PAM) solution. It’s almost certain to have been built for Windows, where you have a dedicated IT staff managing users, identities, and group policies through Active Directory. The cloud is totally different. In Linux, identities are decentralized and systems are created and taken down through automated algorithms overseen by an army of DevOps engineers. Furthermore, very few controls exist – if any – to prevent a privileged user from doing something they shouldn’t do.
Legacy PAM solutions are not well suited for this fast-paced, high-velocity, decentralized environment. That’s why Cmd has approached PAM from a fresh, Linux-first perspective.
Cmd makes privileged session management fast, easy, and totally visable
User authentication with 2FA
Cmd works with modern provisioning methods and provides easy and flexible authentication through 2FA-gated logins and privilege escalations.
Privileged account and root user guardrails
Block risky commands, even for a root user, providing pre-execution protection from human errors or legitimate threats.
Rich context for each session
Capture every command a user executes across privilege escalations, as well as output returned and context such as processes, files and netcons.
Easy deployment and provisioning
Cmd allows users to assume account identities already present on the box, making it so much easier to provision and manage than legacy PAM without compromising compliance controls.
Enforcement through any shell
Users access systems & containers however they choose, including ssh, tty, console, kubectl, IPMI and Cloud-native tools. No proprietary shell required.
2FA
User authentication with 2FA
Cmd works with modern provisioning methods and provides easy and flexible authentication through 2FA-gated logins and privilege escalations.
GUARDRAILS
Privileged account and root user guardrails
Block risky commands, even for a root user, providing pre-execution protection from human errors or legitimate threats.
AUDIT TRAIL
Rich context for each session
Capture every command a user executes across privilege escalations, as well as output returned and context such as processes, files and netcons.
PROVISIONING
Easy deployment and provisioning
Cmd allows users to assume account identities already present on the box, making it so much easier to provision and manage than legacy PAM without compromising compliance controls.
ENFORCEMENT
Enforcement through any shell
Users access systems & containers however they choose, including ssh, tty, console, kubectl, IPMI and Cloud-native tools. No proprietary shell required.
# Controlling privileged session management is foundational to workload security
To provide adequate protection for workloads running in your cloud or datacenter, you’ve got to have a tight foundation, including privilege management.
SERVER / WORKLOAD PROTECTION HIERARCHY
Ask yourself:
- “Do I know that no unauthorized code is running?”
- “Can I track who is logging in and what they do?”
- “Am I confident every change is accounted for?”
- “Can I easily find and audit critical information?”
If you answered “no” to any of these, now’s a good time to evaluate Cmd.
“We’re a high-growth company, so security can’t create friction. We need to deliver faster – all the time. That’s why we selected Cmd, so we can monitor and control access to sensitive systems without slowing DevOps down. This is what Privileged Access on Linux is supposed to be.”
VP Infrastructure and Security
# Learn a little more (you know you want to)
Cmd for Securing Root Users & Privileged Accounts
Learn how Cmd monitors and enforces policy for privileged users, root users, and shared accounts.
Datasheet
Redefining Privileged Access Management for Agile Cloud Environments
Learn how privileged access inside cloud environments is different, and what you need to do to adapt.
Webinar
CmdAcademy: How to Audit Who is in Your Cloud – The Good and the Bad
Learn how to use Cmd to manage who has access to your cloud environment and see who’s actually logging in.
Webinar
