BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

New Integration of Retina CS & Powerbroker Windows to Provide Context-Aware Privilege Management

Posted October 1, 2012    Jerome Diggs

Every day there are new vulnerabilities being discovered that can be used to compromise your organizations computing environment. Crucial to properly protecting is not only good configuration and vulnerability management but the overall management of your users and their privileges within your environment. One of the most commonly recommended security best practices is to make sure your users are not running as Administrator where they do not need to be.

The reason that it is important to make sure users to do not run as Administrator is because of the exponential effects that malware can have on systems where Administrator access is gained. The difference between malware executing as an unprivileged user vs. an Administrator can mean the difference of potentially a single system being compromised or your entire network and confidential data.

That is why at BeyondTrust we have focused on creating a robust line of products for helping Administrators properly manage user privileges and rights. Our PowerBroker line of products gives you granular controls for Windows and UNIX/Linux to be able to decrease your attack surface and increase productivity. This happens through a process of removing Administrator rights from every day users and providing limited access Administrator rights only to specific users and only for specific applications. For example you no longer need your finance department all running as administrator just because a single financial app requires it. Now these users can run with least privileges while still accessing the financial application with the administrative privileges that are require. This can mean a major difference in a web based browser attack, such as the recent Internet Explorer 0day, and the level at which malware can successfully embed itself into a system to further an attacker’s access within your business.

At BeyondTrust we are dedicated to continually innovating our solutions to better meet today’s security challenges. One of the challenges we have seen with privilege management is the need to take a systems overall risk into context when deciding what level of privileges a user or system should be given. We have heard from customers that there are times when the notification or revocation of privileged rights should be reflected based on a systems risk level. This is important because sometimes a systems risk profile can be that of which allowing increased user rights may lead to further risk and threat of system compromise. Taking the mapping of risk and privileges into context can better help our customers make smarter decisions about their security.

To that end we are pleased to announce the integration of PowerBroker Windows, for Privilege Management, with Retina CS for Vulnerability and Risk Management. With the integration of these two technologies we are bringing to market the first instance of Privilege Management based on the context of a systems security risk profile. This allows for customers to now make decisions based on which users, systems and applications can have increased privileges based on a systems overall risk and susceptibility to attacks.

One great example of this integration is in the new ability for IT administrators to be alerted when a system has increased privileges and is susceptible to something such as a zeroday (unpatchable) Internet Explorer attack or really any number of risk and vulnerability related items.

contextawareprivilege-1

By leveraging our Smart Rules technology an Administrator can create real-time alerting to be kept abreast of any newly found systems that can be compromised or systems that have been mitigated from certain risks and are therefore no longer needing additional levels of restrictions on privileges.

This is just one example of more to come as we more closely integrate Privilege and Risk Management to better provide the much needed security context to better drive IT operational security. Stay tuned as our roadmap is full of a lot of extremely beneficial innovations to Privilege Management and solving complex security challenges that your organization is facing.

Tags:
, , , , , ,

Leave a Reply

Additional articles

webinar_ondemand

On Demand Webinar – Why You Still Suck at Patching

Posted March 27, 2015    Lindsay Marsh

On Demand Webinar: Dave Shackleford recounts some of his personal experiences in patch management failure, and breaks down the most critical issues holding many teams back from patching more effectively.

Tags:
,
dave-shackleford-headshot

Why You Still Suck at Patching…and How to Turn Your Life Around

Posted March 25, 2015    Dave Shackleford

Live webinar | March 26, 2015 | 10am PT/1pm ET | Dave Shackleford, SANS Instructor | Why You Still Suck at Patching…and How to Turn Your Life Around

Tags:
, ,
infographic

Privilege Gone Wild 2: Over 25% of Organizations Have No Privileged Access Controls

Posted March 24, 2015    Scott Lang

BeyondTrust recently conducted a survey, with over 700 respondents, to explore how organizations view the risk of misuse from privileged account misuse, as well as trends in addressing and mitigating those risks.

Tags:
,