Privilege Access Management (PAM) provides the ability to defend against particular vulnerabilities, such as "pass-the-hash", spear-phishing, and other hacking techniques that attempt to gain high privileges across the enterprise. PAM integrates with Active Directory to apply an expiration to group membership. That is to say, the membership of a highly privileged (and organizationally chosen) group is automatically removed by Active Directory after a specified duration. MIM adds self-service request capabilities, allowing users who are granted the permission to request the membership of a group to receive membership for a specified time. The end result is that people no longer need the permanent membership of highly ...