Edited to clarify that this is a discussion of Windows Recall snapshotting/recording and not PAM Session recording.
Ryan,
Microsoft does provide instructions for developers about preventing Windows Recall snapshotting of application windows: https://learn.microsoft.com/en-us/windows/client-management/manage-recall#information-for-developers
If this is something you would like to see considered for PAM applets, I recommend submitting an Idea using the link at the top of the communities page.
Please note that you can always use a PAM service, or the newer "PAM gateway for RDP", with the windows mstsc client which is excluded from Windows Recall snapshots by default.
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/4-2-3/configure-policies-to-provision-user-access-to-devices-and-applications/configure-devices/set-up-access-to-a-target-device/create-tcp-udp-services-to-access-a-device/create-an-rdp-proxy-service-to-access-a-device.html
https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/privileged-access-manager/4-2-3/standard-user-activities/access-windows-devices-using-the-pam-gateway-for-rdp.html
-------------------------------------------
Original Message:
Sent: Aug 07, 2025 05:10 PM
From: Ryan Rutzen
Subject: PAM Client RDP Applet session exclusion from Windows Recall Snapshots
Hi Broadcom Team, any idea if there will be some work done around excluding PAM RDP Client Sessions from Windows Recall Snapshots? It appears that currently only Microsoft RDP clients are supported. Not sure if Microsoft is planning to make the code available to third parties.
Manage Recall for Windows clients
| Microsoft |
remove preview |
 |
| Manage Recall for Windows clients |
| Learn how to manage Recall for commercial environments and about Recall features. |
| View this on Microsoft > |
|
|
Thank you.
Ryan Rutzen
-------------------------------------------