BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
guy-stress-m

Do you want to do this the “hard” way?

Posted May 28, 2013    Mike Yaffe

Too often I see people working on what they can fix, what is easy. It’s like when I exercise, if I see progress I keep working at it but the problem areas (there are a lot of them) can wait until tomorrow. Over the past several years I see organizations doing a better job with…

Categories:
Vulnerability Management
Tags:
, , , , ,
zavio

Zavio IP Cameras Multiple Vulnerabilities

Disclosed May 28, 2013    Zeroday : 569 days
Vendors: Zavio
Vulnerability Severity: Medium
Exploit Impact: Remote Code Execution
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
palosantosolutions

Elastix Multiple Cross-Site Scripting Vulnerabilities

Disclosed May 28, 2013    Zeroday : 569 days
Vendors: PaloSanto Solutions
Vulnerability Severity: Medium
Exploit Impact: Cross-Site Scripting
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
PIM-DefaultCricklewood

The Integrity of Files and Privileged Identity Management

Posted May 27, 2013    Morey Haber

The concept of privilege identity management allows for the elevation of applications and operating system functions to authoritative users based on rules and policies. While the basic context of the user does not have permissions to perform these tasks, the rules and policies in place provide a vehicle for them to operate in a privileged…

Categories:
New Features, Vulnerability Management
Tags:
, , , , ,
PBW-session-viewer

Session Monitoring Provides Context Aware Security for Windows

Posted May 23, 2013    Morey Haber

The Windows world is about to get a long overdue lesson from Unix. Privilege Identity Management does not stop at just logging that an application gets launched with elevated privileges; administrators need to know what the user does with that application, as well. Did they use the program within the guidelines of company policy or…

Categories:
Vulnerability Management
Tags:
, , , , ,
novell

Novell Client Arbitrary Code Execution

Disclosed May 22, 2013    Fully Patched
Vendors: Novell
Vulnerability Severity: Medium
Exploit Impact: Elevation of Privilege
Exploit Availability:
Categories:
Zeroday Tracker

May VEF Participant Wins a Kindle Fire

Posted May 21, 2013    Qui Cao

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

Categories:
Vulnerability Management
retina-cs-calendar

Retina CS 4.5 – Calendars and Vulnerability Smart Rules

Posted May 21, 2013    Morey Haber

One of the many challenges facing Product Management today is addressing client feature requests. Often times, the request for a specific business problem does not translate to other customers or markets. Other times, the request is so complicated to explain, it takes multiple discussions to figure out the root problem and to figure out if…

Categories:
New Features, Vulnerability Management
Tags:
, , , ,
session-viewer-pbw

Tech Tip: PowerBroker for Windows 6.0 Sneak Peek

Posted May 16, 2013    Peter Beauregard

Have you ever wanted to see what activities someone has performed inside one of your line-of-business apps for troubleshooting purposes? Maybe you just want to monitor what activities a network administrator performed on your Exchange Server to track down a configuration change. Well, we’ve got an exciting new feature in the upcoming release of PowerBroker…

Categories:
New Features, Privileged Account Management
Tags:
, , , , ,
forbes-logo_featuredimage

How To Prepare For When The SEC Comes Asking About Cybersecurity Risk | BeyondTrust CEO Featured in Forbes

Posted May 15, 2013    Mike Puterbaugh

Our CEO John Mutch was recently invited to share his thoughts on an increasingly talked-about subject in the IT industry – the potential for the SEC to assume oversight over public companies cyber risk programs – in essence asking them to report on the viability of their security and compliance operations – in the face…

Categories:
General
Tags:
, , , , ,