BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
anonymous

The Difference with Insiders

Posted February 24, 2011    Peter McCalister

The online security hacking group Anonymous has been making a lot of headlines recently. They committed denial of service attacks on companies like Mastercard, VISA and Paypal – companies who cut off Wikileaks from their services.

Categories:
Vulnerability Management
sharing-300x273

I Am the Ostrich, Goo Goo G’joob

Posted February 23, 2011    Peter McCalister

The top is down on my convertible and I hear “I am he as you are he as we are all together. See how they run…” blasting on the radio and what do I think of? Yep, privilege identity management.

Categories:
General
microsoft

Microsoft Malware Protection Engine Privilege Escalation

Disclosed February 23, 2011    Fully Patched
Vendors: Microsoft
Vulnerability Severity: Medium
Exploit Impact: Elevation of Privilege
Exploit Availability:
Categories:
Zeroday Tracker
bigdata-98x98

Prioritizing Vulnerability Assessment and Remediation Steps: A New Users Guide to Getting Started – Part 2

Posted February 22, 2011    Morey Haber

The odd part about writing weekly blogs is the amount of discussions that start internally, with clients directly, and sometimes through straight blog comments. After writing “A New Users Guide to Getting Started” article, my team indicated several really good ideas for a Part II follow-up blog. Simply, just getting started with vulnerability management is not enough….

Categories:
Vulnerability Management
Tags:
, , ,
citrix

Citrix Licensing Server 11.x Unspecified Vulnerabilities

Disclosed February 22, 2011    Fully Patched
Vendors: Citrix
Vulnerability Severity: Low
Exploit Impact: Information Disclosure
Exploit Availability:
Categories:
Zeroday Tracker
cloud

RSA Survey: No Trust for Cloud Vendors, Wikileaks

Posted February 21, 2011    Peter McCalister

At this year’s RSA we had a swat team passing out surveys – over 111 responses – to find out if people trust their cloud vendors with their data.

Categories:
Vulnerability Management
Team

Thoughts From Another Successful RSA

Posted February 18, 2011    Peter McCalister

17,000 security professionals descended on Moscone Center in San Francisco this week for the annual RSA pilgrimage of education, communication and motivation. Now that the event is over and everyone is heading back to their respective everyday roles, I thought I pass along a few observations to commemorate what was easily one of the better shows in the last couple of years for the security industry.

Categories:
General
cloud-security-img

Cloud Computing Security in Public Clouds

Posted February 17, 2011    Peter McCalister

We’ve said before that corporations need to take ownership and responsibility for overseeing and requiring compliance and security policies of their cloud vendors. Well, now it’s official, the industry agrees with us.

Categories:
Vulnerability Management
php

PHP grapheme_extract() NULL Pointer Dereference

Disclosed February 17, 2011    Fully Patched
Vendors: PHP
Vulnerability Severity: Medium
Exploit Impact: Denial of Service
Exploit Availability:
Categories:
Zeroday Tracker
hands

5 Things to Tell the CEO about Admin Privileges

Posted February 16, 2011    Peter McCalister

Every organization has their own quirks. Sometimes leadership isn’t involved enough for certain projects to be successful. Other times they’re too involved. And sometimes it feels like everything is just too much of a mess. This is especially true when it comes to IT security and compliance across physical, virtual and cloud environments.

Categories:
Privileged Account Management