PrivApp — Elevate legacy apps, not user permissions.

The Problem Enterprise IT teams running legacy IE/ActiveX clients face an impossible choice: either grant standard users local admin rights (creating massive security exposure) or deploy expensive enterprise PAM solutions ($100k+/year) that are overkill for per-app elevation. Current workarounds like Task Scheduler tricks are fragile, undocumented, and don't scale across hundreds of users without introducing security blind spots. What We're Building PrivApp is a lightweight Windows service that enables granular, auditable privilege elevation for specific applications without granting users admin rights. Administrators define which apps (and which users) can elevate via Group Policy; execution is logged centrally; no password sharing or admin credential exposure. Deploy via MSI + GPO in under 30 minutes. Who It's For IT Security & Systems Administrators at mid-market enterprises (1,000–10,000 employees) in regulated industries: financial services, manufacturing, utilities, healthcare. S