November 1, 2018

PrivX 4: the lean cloud access machine. Now with session recording.

SSH.COM is proud to announce the release of version 4 of PrivX. In many respects, this new release is the most significant release so far. There are four major new features and improvements that extend PrivX's capabilities, usability and disruptive influence on the privileged access software market. The enhancements in PrivX 4 have been driven by customer feedback and demand in line with the SSH.COM vision for credentialess cloud access. 

PrivX 4 includes four major new features

1. Session recording and playback

2. Single Sign-on via OpenID Connect

3. PrivX Extender

4. Audit Trail Summary and Event Log

I will cover these key features in more detail below. There's more under the hood that's new to v4 in the release notes. The key significance of these new features is that they lift PrivX from a DevOps team tool (for which it is still supremely useful) to a capable enterprise tool, making it the first true lean multi-cloud PAM (Privileged Access Management) software solution for demanding enterprises. Here's the scoop...

Session recording and playback

You can now record and play back user SSH and RDP sessions direct from the PrivX admin interface.


For companies in regulated industries, or companies that are highly security-conscious), this feature is a compliance must-have. Session recording, in connection with PrivX's unique log capabilities, is a powerful compliance tool.

Session recording shows who accessed what and when. It also shows who did what. This is especially useful and important in situations where a wide variety of 3rd parties have been granted access to systems. For added security, the auditable trail files are encrypted and secure so that they are tamper-proof.

Playback is primarily meant for compliance and forensics, but it can also be used as an assessment and training tool. Think: reviewing a session and letting the user know there might be better, faster and/or safer ways of achieving the desired outcome.

SSO with OpenID Connect

PrivX now supports OpenID Connect, giving users Single Sign-On to any of the myriad systems out there supporting various OIDC providers, such as Ubisecure, Microsoft Azure, AWS Cognito, Okta etc.


PrivX lets you map existing user groups to PrivX roles to extend your role-based access matrix to SSO.

PrivX Extender for accessing Virtual Private Clouds

The PrivX Extender extends (D'uh!) the power of PrivX to Virtual Private clouds that have no public IP address and sit behind firewalls. This is especially useful for users of hybrid clouds that combine public and private cloud elements.

 PrivX Extender in Action 

PrivX Extender is technically a reverse proxy component that is available in a separate RPM package. It runs inside a customer's VPC/private network and "calls home" to the main PrivX installation to let it know which network can be accessed via the Extender. The Extender supports both SSH and RDP connections.

Audit Trail Summary and Event Log

The Audit Trail Summary gives a convenient single-pane view of the most important connection information on a summary page. The Events view gives a summary view of key events from the syslog without leaving the PrivX GUI.

PrivX Connection Summary and Event Log

This feature gives admins a convenient way of inspecting connections and related events. For more granular analysis, you can still use your SIEM or the log management tool of choice (if you prefer open source, we have a soft spot for LOGalyze).

And there's more, like improved role management

Amongst many other efficiency boosts in PrivX 4, it's now even simpler for admins (we love you people!) to grant and revoke user roles. This can be done directly from the user info page without having to use or create workflows.

Role Management can now be done on the User Info page.

This is another cool time-saver that makes the lives of hard-working admins just that little bit easier. It also saves you time and money.

If you haven't tried PrivX yet...

...this would be an excellent time to try (or revisit) PrivX. The new features extend the capabilities of PrivX to meet the expectations of demanding enterprises, cloud service providers and DevOps.

PrivX 4 brings us into the realm of enterprise PAM – just without the complexity and the price tag attached to a legacy PAM solution. And PrivX can be deployed in a day and requires no end-user training.

For all the juicy tech specs, please see the PrivX 4 release details. For the scoop on pricing, check the shop.

To get up close and personal, I recommend the PrivX Test Drive. You get the PrivX experience in your browser, there's no commitment and friendly walk-through guidance on screen.

Feel free to contact me direct,


Tag(s): multi-cloud , PrivX

Jussi Mononen

Jussi is responsible for SSH's strategic and corporate development and investor relations. He is a 30-year IT industry veteran who is old enough to have coded in Fortran and Ada before switching to the business side of things.

Other posts you might be interested in