Archive for March, 2011
The Cobbler’s Son Has No Shoes
What happens when a top security company fails to implement a least privilege solution? Just look at what was reported about RSA to see what awaits you if you fail to implement a least privilege solution and someone hijacks credentials to steal information via Advanced Persistent Threat. Yep, the cobbler’s son does have NO SHOES.
Vulnerability Scanning From a Virtual Machine
Virtualization offers a wide array of benefits from power and environmental constraints to physical space limitations and disaster recovery efforts. As leaders for Unified Vulnerability Management, we realize these benefits offer a significant value to our install base and we are in full support of virtualization for our solutions. Although virtualization is in many ways…
BlackBerry Vulnerability – Where’s the Admin Privileges?
If you haven’t read by now, at this year’s Pwn2Own hacker challenge that took place at CanSecWest in Vancouver last week, the iPhone and Blackberry were both hacked. Teams also demonstrated several vulnerabilities in browsers, macbooks and more.
3 Things Local Admins Can Do That They Shouldn’t
Eliminating local admin rights from Microsoft Windows users is not just a nice thing you should do, but in fact a mandatory best practice for all of today’s enterprises wishing to stay secure and compliant.
Misuse Privilege and GO TO JAIL
You may have thought that misuse of privilege is a victim less crime and no one will care. Just ask former Goldman Sachs programmer, Sergey Aleynikov what he is doing for the next 8 years and then decide for yourself.
How Sensitive Could Data Be?
Here at BeyondTrust, we work with some of the most sensitive information in the world. The kind of stuff that makes or breaks businesses, collapses empires, or creates headlines. Ok – we’re being melodramatic, and we also deal with things as simple as system configuration settings that hike up help desk costs.
A Basic Guide to SCAP
The Security Content Automation Protocol (SCAP, pronounced S-cap) is a suite of open standards that when referenced together, deliver an automated vulnerability management, measurement, and policy compliance evaluation for network assets. The first version of the suite specification focused on standardizing communication of endpoint related data and to provide a standardized approach to maintaining the…
CETREL S.A. Replaces SUDO with PowerBroker for Servers
<
Top 10 Reasons Good People Do Bad Things Without Least Privilege
In the spirit of keeping blog posts informative, short and fun, this one takes a cue from David Letterman in format. So without further fanfare or wasted space… the Top 10 Reasons Good People Do Bad Things Without Least Privilege are:
MD Anderson Selects PowerBroker for Servers
The University of Texas M.D. Anderson Cancer Center is a world-leading intitution for cancer treatment. In 2008 alone, the facility cared for nearly one million people, and it supports a faculty and staff of both MDs and PhDs numbering over 20,000. Their IT network is based on a powerful and secure Unix infrastructure, and includes over 500 servers that house confidential patient and financial information.
