BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:
PBW-Risk Report

Greylisting Applications with PowerBroker for Windows Risk Compliance

Posted February 10, 2014    Morey Haber

PowerBroker for Windows is designed to elevate privileges on an application based on rules. It does so using technology that does not alter the user but rather the security token for the application at runtime. The results allow a standard user to launch and interact with an application that requires administrative privileges, without changing the…

Categories:
Privileged Account Management
Tags:
, , , , ,
combined-executive-dashboard

BeyondInsight Reports: All The Difference In The World

Posted February 7, 2014    Morey Haber

Last week, we announced the release of the BeyondInsight IT Risk Management Platform, which provides a central environment for managing several of our PowerBroker Privileged Account Management and Retina Vulnerability Management solutions. A quick look at the BeyondInsight Analytics and Reporting module uncovers a startling revelation for our competitors and a hidden gem for our…

Categories:
Privileged Account Management
Tags:
, , , , , ,
Plex

Plex Media Server Multiple Vulnerabilities

Disclosed February 6, 2014    Zeroday : 172 days
Vendors: Plex
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: No Exploit Available
Categories:
Zeroday Tracker
zeroday-default

Publish-It Buffer Overflow Vulnerability

Disclosed February 5, 2014    Zeroday : 173 days
Vendors: PosterSW
Vulnerability Severity: High
Exploit Impact: Remote Code Execution
Exploit Availability: No Exploit Available
Categories:
Zeroday Tracker
scmag1-98x98

BeyondTrust Receives 5 Star Rating from SC Magazine

Posted February 4, 2014    Sarah Lieber

Recently our UVM20 Security Management Appliance received a perfect 5-star review + “Best Buy” recognition from SC Magazine. Read the full review here. The UVM20 includes several pre-installed and pre-configured solutions: Retina Network Security Scanner, PowerBroker for UNIX/Linux, and PowerBroker for Windows, plus our patch management, regulatory reporting and configuration compliance modules — in addition…

Categories:
Vulnerability Management
Tags:
, , , , , , , ,
5things-oraclebtwebinar-screenshot

The 5 Things Every Linux Administrator Should (and Should Not) Do When It Comes to Privileged Account Management

Posted February 3, 2014    Sarah Lieber

When it comes to privileged account management the list of things an administrator can do to protect their environment is seemingly never ending. Last week we hosted a webinar with Oracle Linux and presented a list of 5 things every Linux administrator should, and should not, do when managing privileged accounts. Given the current security…

Categories:
Vulnerability Management
Tags:
, , , , ,
bloofoxcms

bloofoxCMS Multiple Vulnerabilities

Disclosed January 31, 2014    Zeroday : 178 days
Vendors: bloofoxCMS
Vulnerability Severity: Medium
Exploit Impact: Cross-Site Scripting
Exploit Availability: Publicly Available
Categories:
Zeroday Tracker
jawbone-up

We’re Getting Pumped up for RSA

Posted January 30, 2014    Sarah Lieber

Here at BeyondTrust we’re getting pumped up for RSA, which takes place Feb 24th – 27th, 2014! This year in San Francisco we’re going to demonstrate how our PowerBroker Privilege Management and Retina Vulnerability Management solutions ensure that IT environments are healthy and ready to fend off threats. We’ll also be featuring some amazing “feats…

Categories:
Vulnerability Management
Tags:
, , , , ,
Target

Retina Audits for Target POSRAM Malware

Posted January 29, 2014    BeyondTrust Research Team

By now, you’ve heard of the POSRAM malware used against retail giant Target to steal customers’ payment card information from point-of-sale terminals. If you have not heard of POSRAM, or are unfamiliar with how it works, the malware scans processes’ memory for credit card information and periodically uploads that information to an attacker controlled server….

Categories:
Vulnerability Management

Retina Performs Continuous Vulnerability Assessment

Posted January 28, 2014    Morey Haber

SANS Critical Control 4 specifies criteria for continuous vulnerability assessment and remediation. This specification calls for vulnerabilities to be continuously assessed, correlated, and reported upon in real-time based on public disclosure and identification of new or changed assets. Critical Control 4 is mandated by many government agencies, and requires prompt automated remediation that adheres to…

Categories:
Vulnerability Management
Tags:
, , , ,