BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

patch-tuesday

July 2013 Patch Tuesday

July’s patch Tuesday fixes vulnerabilities in .NET, Windows, and Internet Explorer. There are a total of seven bulletins addressing 34 unique vulnerabilities; six bulletins are rated critical and one is rated important. MS13-052 addresses a TrueType font parsing vulnerability in .NET (CVE-2013-3129, also addressed in MS13-053 and MS13-054), as well as six other vulnerabilities. This…

Post by BeyondTrust Research Team July 9, 2013
Tags:
, ,
gold-star

Getting a gold star in compliance

You know I realize that I’m getting older after I lived through “this is gonna be the big year for PKI (heard that for 4 straight years, and I’m still waiting)”, or “everyone will have a digital certificate on all their credit cards next year”, or “security and compliance are two different things.” As for…

Post by Mike Yaffe July 9, 2013
Tags:
, , , , , , ,
sclogoupdated_1448

Our CTO Writes for SC Magazine’s Threat of the Month: SCADA “sport fishing”

Our CTO, Marc Maiffret wrote for the SC Magazine column,Threat of the Month: SCADA “sport fishing” section yesterday. Read an excerpt below and read the full article here. What is it? SCADA is not just a focus because of its often critical deployments, but also because performing vulnerability research on SCADA systems is easy, like…

Post by Sarah Lieber July 2, 2013
Tags:
, , , , , , , ,
BTU2

School is in Session

We’re proud to announce that we’ve scheduled the next installments of BeyondTrust University. BeyondTrust’s commitment to our customer’s success goes beyond the typical vendor/client relationship. To better serve our customers and partners who rely upon our privilege identity and vulnerability management solutions, we have developed a world-class training curriculum to complement our award-winning security and…

Post by Mike Puterbaugh July 1, 2013
Tags:
, , , ,
PBIS-operations-dashboard

Our Newest Product Release: PowerBroker Identity Services 7.5

We are very excited for the announcement of our latest release of PowerBroker Identity Services 7.5, the industry’s most effective solution for bridging Linux, UNIX and Mac OS X assets into Active Directory. This latest update provides the strongest communications encryption to date, as well as the utmost flexibility with regards to event notification and management….

Post by Sarah Lieber June 26, 2013
Tags:
, , , , , , , , ,
usa-today

Our CTO, Marc Maiffret Interviewed on USA Today

Marc Maiffret, BeyondTrust’s CTO, was recently interviewed on USA Today in the article, “The long road from Code Red to Microsoft’s bug bounty”, where he discussed with Byron Acohido Microsoft’s concession to finally begin paying bug bounties. They talked about why this is a big deal for Microsoft and what Maiffret thinks about this new program. An excerpt…

Post by Sarah Lieber June 21, 2013
Tags:
, , , , , ,
patch-tuesday

EMET 4.0: Adding a Layer to the Security Onion

With the release of the EMET 4.0 beta back in April, it’s no surprise that there has been a lot of buzz lately around Microsoft’s Enhanced Mitigation Experience Toolkit (EMET). Now, after some delay, the beta testing is over and the brand new, and very shiny, EMET v4 has been released. The latest version of…

Post by BeyondTrust Research Team June 19, 2013
Tags:
, ,
PowerBroker-Events-Img2

Control Access and Reduce Risk

In my last blog I discussed bringing the NOC and SOC closer together, providing IT Operations with tools that improve security. This week I’ll go into more specifics of the solution and show how PowerBroker for Windows is used by both IT Operations and Security Operations teams. The Challenge Supporting a security principle such as…

Post by Bill Virtue June 14, 2013
Tags:
, , , , , ,
NSA-breach

Think You’re Safe from Internal Threats? The NSA Breach Will Make You Think Twice.

When reading a recent article in the USA Today about how Edward Snowden, a former Booz Allen Hamilton employee and NSA contractor, was able to steal sensitive data via non-specific vectors, I was reminded of the illusion that threats are predominately external to organizations. Even though we might not know exactly how Snowden was able to…

Post by Rod Simmons June 13, 2013
Tags:
, , , , , , ,
retinacs-dashboard

Our Newest Product Release: Retina CS 4.5

We are very excited for our latest release of Retina CS 4.5. With this release, the Retina CS platform continues to extend our leadership in risk identification and prioritization. By integrating the PowerBroker product portfolio with Retina CS, our customers are able to combine vulnerability data with privileged identity and password management risk intelligence, which provides them with improved situational…

Post by Sarah Lieber June 13, 2013
Tags:
, , , , , , , , , ,