Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

3 Ways to Reduce Help Desk Costs

It doesn’t matter if your organization’s IT help desk requirements are satisfied in-house or outsourced, there are very tangible costs directly related to the misuse of privilege.

Post by Peter McCalister October 26, 2010

The Value of a Zero-Day Vulnerability Assessment Scanner

Let’s assume your business is near perfect. You have a proven and reliable vulnerability management lifecycle in place and identification of vulnerabilities and patch remediation happens like clockwork. Finding lingering threats or missing patches is a rarity and even your endpoint protection solution never fails catching the latest malware. Like I said, a near perfect…

Post by Morey Haber October 26, 2010
, , , , , ,

When Legacy Apps Dictate Desktop User Privilege Access

In an enterprise Windows’ desktop environment, whether a company has 100 or 10,000 seats, the challenge of managing access is fraught with difficulty. Even if an IT administrator can work out how to circumnavigate Windows User Access Controls or how to set a Group Policy for every application, there will invariably still be a legacy…

Post by Peter McCalister October 25, 2010

eEye @ N-Able Partner Summit

Marc and I just returned from the N-able 2010 Partner Summit in Scottsdale, Arizona. While there, we took part in the announcement of N-able’s Remote Audit Manager, a collaboration between eEye Digital Security and N-able. Remote Audit Manager utilizes eEye’s award winning Retina Network Security Scanner to allow MSPs to provide vulnerability assessment, configuration compliance…

Post by Chris Silva October 25, 2010

4 Things You Should Know About Microsoft UAC

Microsoft User Access Controls (UAC) has been touted as the next great thing in desktop security, but does it really satisfy all you need in order to ensure security, compliance and productivity?

Post by Peter McCalister October 22, 2010

DEP Down Part 2: Why is DEP failing?

In the first part of the series “DEP Down”, we discussed how DEP (Data Execution Prevention) is not always enabled on the application targeted by attackers. When it is enabled, it can be defeated in a number of ways: Return-to-libc attacks These attacks, while normally limited to simple system commands, will always evade DEP as…

Post by The eEye Research Team October 21, 2010

Stopping Good People From Doing Bad Things With Admin Rights

Let’s face it – organizations cannot simply build walls to protect vital information anymore. However, in the process of adapting to this new virtual collaborative environment comes the enormous challenge of ensuring that privileged access to critical information is not misused. Walls that may have worked a decade ago are now practically irrelevant as users…

Post by Peter McCalister October 21, 2010

6 Things You Should Know About Sudo

Freeware isn’t always free.

Post by Peter McCalister October 20, 2010

Indirect Misuse of Privilege Lessons from Google

Last week we posted on the three forms of misuse of privilege, followed by a recent example of malicious abuse, where a stock trader used his IT skills to circumvent the system.

Post by Peter McCalister October 19, 2010

Indirect Misuse of Privilege Is a Malware Imperative

Indirect misuse of privileges is when one or more attack types are launched from a third party computer which has been taken over remotely. A startling statistic revealed by Gartner is that 67% of all malware detections ever made were detected in 2008. Gartner also estimates managed desktops, or users who run without admin rights,…

Post by Peter McCalister October 18, 2010