Skip to content

Thycotic Certified by U.S. Department of Homeland Security’s CDM Program

WASHINGTON, DC, June 26, 2018 Thycotic, a provider of privileged account management (PAM) solutions for more than 7,500 organizations worldwide, today announced that the company has been selected as an approved vendor of The Continuous Diagnostics and Mitigation (CDM) program, which secures the cybersecurity of government networks and systems. This certification validates the importance and trust in Thycotic’s solutions to protect the nation’s most critical assets.

The integration of Thycotic’s solutions will help CDM provide federal departments and agencies with technologies that find cybersecurity risks, prioritize risks based upon impact, and allow cybersecurity personnel to tackle the most significant problems first. Thycotic provides an easy to implement, cost-effective solution which gives Government customers an innovative option to meet DHS reporting requirements along with protecting their assets. The aim of Phase 2 for the CDM program is Least Privilege and Infrastructure Integrity, aligning perfectly with what Thycotic brings to the table.

Key focus areas for phase 2 of the CDM program are:

  • TRUST – Access Control Management (Trust in People Granted Access)
  • BEHAVE – Security-Related Behavior Management
  • CRED – Credentials and Authentication Management
  • PRIV – Privileges

“Breaches happen time and time again through privileged accounts and the government is promoting a proactive approach to make sure a cyberattack doesn’t happen due to outdated, inactive, or easily accessible privileged credentials,” said Damon Tompkins, Vice President, Americas at Thycotic. “Thycotic clamps down on every privileged account and provides full visibility into the health of these credentials. We’re thankful for this opportunity to be a part of the CDM program.”

Thycotic’s Secret Server helps organizations store, distribute, change and audit enterprise passwords in a secure environment. Thycotic’s Privilege Manager provides the best approach to implementing least privilege policies and can help prevent malware from exploiting local credentials on endpoints – the most vulnerable part of an attack surface.