BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
webinar 2

On Demand Webinar: Because Auditing Stinks Sometimes

Posted July 2, 2015    Lindsay Marsh

Auditing stinks. Well, mostly stinks. In this on demand webinar, lead by Group Policy MVP Jeremy Moskowitz, you’ll learn the three key tenets to real Group Policy auditing. Tenet 1: Why do you care about Group Policy auditing? Tenet 2: How does Eventing help you know “Who did what?” Tenet 3: How does Reporting tell…

Categories:
Privileged Account Management
Tags:
, , , ,
skeletonkey3_713678_713680

Stopping the Skeleton Key Trojan

Posted June 29, 2015    Robert Auch

Earlier this year Dell’s SecureWorks published an analysis of a malware they named “Skeleton Key”. This malware bypasses authentication for Active Directory users who have single-factor (password only) authentication. The “Skeleton Key” attack as documented by the SecureWorks CTU relies on several critical parts.

Categories:
Privileged Account Management, Vulnerability Management
Tags:
, , , , ,
webinar 2

On Demand Webinar: 10 Steps to Building an Effective Vulnerability Management Program

Posted June 26, 2015    BeyondTrust Software

In this on demand webinar, Cybersecurity Expert, Derek A.Smith will take you through his 10 steps for a successful vulnerability management program and how to get started now.

Categories:
Vulnerability Management
Tags:
, ,
AHHA_PRO.LOGO

Privileged Account Management – Another AH-HA in Cyber Security

Posted June 25, 2015    Nigel Hedges

I strongly believe that the Top 4 mitigation strategies don’t just simply apply to Australian organizations, it should be a global realization, a worldwide “ah ha!” for those still not quite understanding the importance here. Here’s a refresher (or intro) on the Top 4 mitigation strategies. Read on…

Categories:
Privileged Account Management
Tags:
, ,
PBMS_Architecture

PowerBroker Management Suite 4.0: New Web Console and Deeper Auditing, including for NetApp Filers

Posted June 22, 2015    Rod Simmons

BeyondTrust has released version 4.0 of PowerBroker Management Suite, our solution for centralized real-time change auditing for Active Directory, File Servers, Exchange, and SQL, and recovery of Active Directory objects or attributes. This new release features some exciting enhancements – especially a new web console, deeper GPO auditing, and the addition of NetApp auditing.

Categories:
Privileged Account Management
Tags:
, , ,
webinar_chalk

On Demand Webinar: Secure Local Window Admins with LAPS

Posted June 19, 2015    BeyondTrust Software

Windows & IT Security Expert, Russell Smith shows you how to configure Microsoft’s free Local Administrator Password Solution (LAPS) tool to secure local administrator accounts. Organizations often use the same password for local administrator accounts across all devices, leaving them vulnerable to Pass-the-Hash (PtH) attacks, which can result in sensitive domain credentials being exposed. LAPS automates regular changes of local administrator passwords, and securely stores passwords in Active Directory (AD).

Categories:
Privileged Account Management
Tags:
, , ,
iPhonePrivacy

Are you a Data Privacy Hypocrite?

Posted June 18, 2015    Morey Haber

As technology users, we choose to share what we share with the world. However, do you know that there is information being collected on some devices that you might not even know about? Unless you read all the terms of service, you likely don’t know.

Categories:
Privileged Account Management
Tags:
, ,

Vulnerability Overload: Threat Analytics Can Help

Posted June 11, 2015    Brian Chappell

This blog post is republished with the permission of Network Computing. The increasing range of security information sources can be overwhelming. Brian Chappell, Director of Technical Services for BeyondTrust suggests that analytics may offer assistance.

Categories:
Vulnerability Management
Tags:
, , ,
webinar2

On Demand Webinar: Techniques for Extracting Juicy Information (like Passwords!)

Posted June 10, 2015    BeyondTrust Software

Paula Januszkiewicz explains and demos the techniques for memory acquisition, secrets to obtaining the juicy data, and how to find someone’s memory dump!

Categories:
Privileged Account Management
Tags:
,
patch-tuesday

June 2015 Patch Tuesday

Posted June 9, 2015    BeyondTrust Research Team

This month’s Patch Tuesday is a bit on the lighter side with only 8 bulletins. In total, 45 distinct vulnerabilities are addressed with over half belonging to Internet Explorer. At the time of release, Microsoft seemed to skip the MS15-058 bulletin, so we’ll be sure to keep an eye out for it.

Categories:
Security Research
Tags:
,