JumpCloud Vault
Identity PAM
Overview
JumpCloud Vault (previously VaultOne) is a product acquired by VaultOne in 2025. It delivers a modern PAM through a Zero Trust platform for securing credentials, sessions, and access to websites, servers, databases and cloud resources. It combines decentralized password storage with centralized controls, eliminating VPNs and enabling seamless MFA/SSO integration. This unified solution targets SMBs and mid-market for scalable, auditable privileged access.
JumpCloud Vault redefines PAM by merging VaultOne's robust features into the JumpCloud ecosystem, providing end-to-end identity security from password management to granular privileged controls. It secures shared accounts, certificates, and user access across hybrid/cloud environments without traditional vaults' complexity, using browser-in-browser access and automated policies. Key strenghts include no-VPN remote access, continuous monitoring, and compliance.
How to position
- Position as the PAM for everyone to SMBs/MSPs lacking enterprise tools, emphasizing quick deployment, cost saving and cyber insurance compliance via least privilege and audit trails
- Cross-sell to JumpCloud IAM/MDM users as the "PAM upgrade" for full zero-trust highlighting lateral movement prevention and 4x attack surface reduction
- Pitch to Microsoft resellers, as the Microsoft ecosystem doesn't contain any PAM solution
Core Features
VaultOne powers core PAM with:
- Access manager for policy-driven approvals
- Session manager/recorder for video/keystroke capture and anomaly detection
- Password manager/generator for strong credential creation
- Vaulting for encrypted storage/rotation
- MFA protection (and integratieon with JumpCloud Core Directory) on requests
- Auditing/reporting logs all actions for forensics/compliance
- RBAC defines granular roles
- Customizable policies enforce JIT/least privilege
- Disaster recovery/backup ensures failover
- Secure browsing proxies traffic to websites/servers/databases without exposure
Feature Overview
| Feature | Description | Assets Supported |
|---|---|---|
| Access Manager | Policy-based approvals, remote access controls | Websites, servers, databases, cloud services |
| Session Manager & Recorder | Real-time monitoring, tamper-proof playback | All privileged sessions |
| Password Manager & Generator | Auto-fill, unique strong passwords | Credentials, certificates |
| Password Vaulting | Encrypted storage, auto-rotation | Shared accounts, secrets |
| Task Automation | Workflow scripting for provisioning/rotation | Admin tasks, compliance |
| MFA | Risk-based multi-factor on access requests | All entry points |
| Auditing & Reporting | Centralized logs, SIEM export | User actions, compliance proofs |
| RBAC | Granular roles, least privilege | Teams, third-parties |
| Customizable Policies | Tailored rules, Zero Trust enforcement | Risk-based access |
| Disaster Recovery & Backup | Failover, data redundancy | Full platform availability |
| Secure Browsing/Proxying | Browser-in-browser, no VPN | Websites, apps, infrastructure |