RP-PAM — Product Overview¶
Section: Getting Started | Article 01
Audience: All Users
Last Updated: 2026-04-06
What is RP-PAM?¶
RP-PAM (Ravenphyre Privileged Access Management) is an enterprise security platform that controls, monitors, and audits access to your organisation's most sensitive systems. It ensures that the right people get the right level of access, for the right amount of time, with a full audit trail of everything that happened.
What Does RP-PAM Do?¶
Credential Vault¶
RP-PAM securely stores privileged credentials (passwords, SSH keys, database accounts) in an encrypted vault. Credentials are automatically rotated on a schedule you define, reducing the risk of credential theft.
Just-In-Time Access¶
Instead of giving users permanent privileged access, RP-PAM grants time-limited access that automatically expires. Users request access, an approver reviews it, and RP-PAM provisions the access for a specific duration. When the time is up, access is revoked automatically.
Approval Workflows¶
Every access request goes through a configurable approval process. Low-risk requests can be auto-approved. High-risk requests require one or more human approvers. Policies are based on resource criticality, requested duration, time of day, and user role.
Session Recording¶
Every privileged session (SSH, RDP, database) is recorded and stored for audit purposes. Recordings are encrypted and accessible only to authorised reviewers. Users are notified that their session will be recorded before it begins.
Directory Integration¶
RP-PAM integrates with your existing identity infrastructure: - Active Directory — Manage AD group memberships, user accounts, and credentials - Entra ID (Azure AD) — Manage Azure AD group memberships via Microsoft Graph - SSH — Manage SSH key pairs for Linux server access - Database — Provision temporary database users with scoped permissions
AI-Assisted Intelligence¶
RP-PAM includes an optional AI assistant that allows users to request access in plain English ("I need admin access to PROD-SRV-01 for 2 hours"). The AI also provides risk scoring for access requests and detects unusual access patterns.
Multi-Tenant MSP¶
For Managed Service Providers, RP-PAM supports multiple isolated customer tenants from a single installation. Each tenant has its own database, encryption keys, and configuration. No tenant can see another tenant's data.
Compliance Reporting¶
RP-PAM generates compliance evidence packages for SOC 2, ISO 27001, SOX, and PCI DSS. These packages contain access reviews, credential audit trails, policy configurations, and audit log summaries.
How is RP-PAM Different?¶
| Feature | Traditional PAM Products | RP-PAM |
|---|---|---|
| Updates | Full reinstall or large patch bundles | Component-level patches (.rppkg) with automatic rollback |
| Service Accounts | Single or dual accounts | Three-role segregated accounts (read, write, audit) |
| Session Recording | Often an expensive add-on | Included in all license tiers |
| Database Support | Vendor-locked | MSSQL and PostgreSQL with universal migration system |
| AI Assistance | Bolted-on or not available | Built-in natural language requests and risk scoring |
| Multi-Tenancy | Separate installs per customer | Shared infrastructure, fully isolated per-tenant data |
| Break-Glass Access | Shared admin accounts | Hardware-backed, time-limited, fully recorded emergency access |
License Tiers¶
| Feature | Standard | Enterprise | MSP |
|---|---|---|---|
| AD + Entra ID integration | Yes | Yes | Yes |
| Session recording | Yes | Yes | Yes |
| Web portal | Yes | Yes | Yes |
| Max users | 25 | Configurable | Per-tenant |
| HA clustering | No | Yes | Yes |
| Database modules | No | Yes | Yes |
| AI assistant | No | Yes | Yes |
| Multi-tenant management | No | No | Yes |
Next Steps¶
- System Requirements — Check your environment meets the requirements
- Installation — Install RP-PAM on your first server
- Lab Environment Setup — Set up a test lab for evaluation before production
RP-PAM v1.0.0 — Copyright 2026 Ravenphyre. All rights reserved.