implementing-privileged-session-monitoring


Implements privileged session monitoring and recording using Privileged Access Management (PAM) solutions, focusing on CyberArk Privileged Session Manager (PSM) and open-source alternatives. Covers session recording configuration, keystroke logging, real-time monitoring, risk-based session analysis, and compliance audit trail generation. Activates for requests involving privileged session recording, PAM session monitoring, CyberArk PSM configuration, administrator activity monitoring, or compliance session auditing.

DevOps & Infrastructure 12,642 stars 1468 forks Updated today Apache-2.0


Quality Score: 99/100

Stars 20%: 100
Recency 20%: 100
Frontmatter 20%: 70
Documentation 15%: 100
Issue Health 10%: 50
License 10%: 100
Description 5%: 100

Skill Content

# Implementing Privileged Session Monitoring

## When to Use

- Deploying or configuring session recording for all privileged access to critical servers and databases
- Meeting compliance requirements (PCI-DSS 10.2, SOX, HIPAA, ISO 27001) that mandate privileged activity monitoring
- Investigating an incident where an administrator or third-party vendor may have performed unauthorized actions
- Implementing real-time alerting for high-risk commands executed during privileged sessions
- Establishing a forensic audit trail of all administrative actions on production infrastructure

**Do not use** for monitoring standard user sessions or endpoint activity; use EDR/UBA solutions for general user behavior monitoring. Privileged session monitoring focuses specifically on elevated-access sessions.

## Prerequisites

- CyberArk PAM Self-Hosted or Privilege Cloud deployment with Digital Vault configured
- CyberArk Privileged Session Manager (PSM) or PSM for SSH (PSMP) installed on a hardened Windows/Linux jump server
- Network architecture where all privileged access is routed through the PSM proxy (no direct RDP/SSH to targets)
- PVWA (Password Vault Web Access) deployed and accessible for session review
- Active Directory integration for authenticating PAM users
- Sufficient storage for session recordings (estimate: 50-250 KB per minute for RDP, 5-20 KB per minute for SSH)
- Alternatively for open-source: Teleport, Apache Guacamole with session recording, or `script`/`ttyrec` for Li...

Details

Author: mukul975
Repository: mukul975/Anthropic-Cybersecurity-Skills
Created: 3 months ago
Last Updated: today
Language: Python
License: Apache-2.0
