We’re excited to introduce Audit Mode for Endpoint Privilege Management, a powerful addition that allows IT Professionals to confidently move their customers away from standing local admin rights, without disrupting daily operations or user productivity.

• Privileged Activity Audit Log: View all privileged programs and processes run by users across all endpoints.
• Process Details: Get detailed information for each process, with built-in VirusTotal integration to check for malicious programs
• Rule Creation: Easily create auto-elevation rules directly from audit events and easily apply them at scale across your customer and user base.
• Transition to Least Privilege: Confidently remove local admin rights after setting up rules for approved tools.
• Ad-hoc Elevation Requests: End-users can request one-time admin access or one-time elevation for specific processes when needed.

Audit Mode allows you to monitor and log every privileged application and process executed by end-users across your managed environments. This added visibility enables IT teams to identify legitimate business-critical tools and workflows in real time. From there, creating precise auto approval rules directly from audit events is easy, and you can ensure that the right programs are always allowed, no help desk ticket required.

Once all critical applications are accounted for and approved through elevation policies, users can safely remove local admin rights and transition end-users into a secure, policy based elevation model. Combined with integrated VirusTotal scanning, detailed process insights, and support for ad-hoc elevation requests, Audit Mode provides a smooth, strategic path toward implementing least privilege at scale without the operational risk, or end-user friction that typically slows down adoption.

• Stronger Endpoint Security: Eliminating standing admin rights significantly reduces the attack surface across every customer environment. By only granting privilege to approved applications when needed, it limits the potential for lateral movement and privilege escalation.
• Easy Adoption: Audit Mode accelerates the rollout of least-privilege policies. Instead of guessing which tools to whitelist, you can use real-time audit data to build elevation rules.
• Reduces Tickets and Manual Approvals: With audit-driven rule creation and self-service elevation workflows, helpdesks will spend less time fielding tickets.
• A Foundation for Automation: By logging privileged behavior across all endpoints, Audit Mode helps identify common patterns and proactively define safe, repeatable elevation rules.

Audit Mode isn’t just a new feature, it’s a strategic enabler for IT Professionals looking to implement true least privilege access, without friction.

Traditionally, the removal of local admin rights has come with a cost: increased support tickets, unhappy end users, and disruption to workflows. Audit Mode flips that narrative by providing visibility into how end-users interact with privileged tools before any restrictions are enforced. This gives you the context needed to build safe, effective elevation strategies that work from day one.