BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

bmc-img5

Retina CS 4.0 and Remedy Ticketing Integration

Overview Retina CS enables teams to centrally manage organization-wide IT security and compliance initiatives from a single, web-based console. It provides discovery, prioritization, and remediation of security risks by delivering what matters the most – context. Retina CS is the centerpiece of the BeyondTrust vision of Context Aware Security Intelligence which helps organizations answer the…

Post by Jerome Diggs November 29, 2012
Tags:
, , , , , ,
sccminteg-img2

Microsoft SCCM Integration with Retina CS Threat Management Console

Overview Retina CS enables teams to centrally manage organization-wide IT security and compliance initiatives from a single, web-based console. It provides discovery, prioritization, and remediation of security risks by delivering what matters the most – context. Retina CS is the centerpiece of the BeyondTrust vision of Context Aware Security Intelligence which helps organizations answer the…

Post by Jerome Diggs November 28, 2012
Tags:
, , , , , , ,
ScanMetrics-screenshot

Adobe Flash Player and Air (APSB12-24) Critical Memory Vulnerabilities – November 2012

Nine new audits are being released in our Retina vulnerability scan engine to help customers identify a security vulnerability that can enable an attacker to gain control of a vulnerable system (CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280) These nine new audits have been released with Retina Network Community and the commercial version of Retina…

Post by Jerome Diggs November 9, 2012
Tags:
, , , ,
img-mobile

Most Versions of Android have SMiShing Vulnerability

Researchers at NC State University have discovered a vulnerability that allows a zero-permission App to fake SMS messages and thus lead to potential SMS Phishing (or SMiShing).   By creating fake SMS messages from legitimate looking sources, a mal-ware app could fool a user into clicking on a link to a rogue site with the intension of…

Post by Bobby DeSimone and Scott Ellis November 5, 2012
Tags:
, , , , , , ,
2

Organizing your PowerBroker Desktops Rules

When tackling a project to remove administrator privileges from users, it is critical to understand what applications and tasks will be impacted. Some things just break or won’t function properly when users are no longer administrators. Of course, PowerBroker Desktops is designed to elevate those apps and tasks that require administrator privileges so that there…

Post by Peter McCalister October 20, 2012
Tags:
,
img-01-resized-600.jpg

MS SQL Cross-Site Scripting (XSS) News – October 2012

Eight new audits are being released in our Retina vulnerability scan engine to help close a security vulnerability that can enable an attacker to gain control of a MS SQL Database Server running SQL Reporting Services via Cross-Site Scripting (CVE-2012-2552, MS12-070). These eight new audits have been released with Retina Network Community and the commercial…

Post by Jerome Diggs October 15, 2012
Tags:
, , , , ,
img

Don’t say “Lockdown”!

Here at BeyondTrust, we have been fortunate to be able to speak with thousands of security professionals in dozens of industries, and it is astonishing how differently organizations assess risk and approach computer security. Some organizations are very strict about security and are able to completely lock down desktops. Others are significantly more lax about…

Post by Peter McCalister October 15, 2012
Tags:
, ,
chalk cliff in england-resized-600.jpg

Privilege Identity Management – A Help Desk Perspective

Help desk technicians within a company are the first line of defensive for a new project or system problem. Most of the time, they are informed and trained that users will be getting a new piece of security software. The solution, in this case, is called Privileged Identity Management (PIM) and is designed to manage authenticated permissions…

Post by Morey Haber October 12, 2012
Tags:
, , , , , , ,
img

PowerBroker for Windows – Solution Deployment

PowerBroker for Windows (PBW) is designed to integrate directly into your corporate Active Directory (AD) structure without modifying your existing schema. In the asset labeled “1” below, an administrator simply loads a Group Policy Option (GPO) snap-in onto an asset that uses the Microsoft Management Console (MMC).  The administrator can then create policies and rules…

Post by Morey Haber October 11, 2012
Tags:
, , , , , , , ,
bestknownsecret-2

PowerBroker for Windows, Best Known Secrets – Collections

One of the best-known secrets about PowerBroker for Windows is the ability to logically group rules into Collections. This Best Practice allows you to organize rules based on almost any criteria and treat multiple rules as a single entity. This feature is most useful when: Rules require the same item-level targeting Organizing rules into physical…

Post by Morey Haber October 1, 2012
Tags:
, , , , ,