BeyondTrust

Security In Context

Bringing you news and commentary on solutions and strategies for protecting your critical IT infrastructure.

Session Monitoring Provides Context Aware Security for Windows

Post by Morey Haber May 23, 2013

The Windows world is about to get a long overdue lesson from Unix. Privilege Identity Management does not stop at just logging that an application gets launched with elevated privileges; administrators need to know what the user does with that application, as well.

Did they use the program within the guidelines of company policy or use it for some intentional or unintentional malicious activity? PowerBroker for Windows 6.0, which is due for general availability in a few weeks, has expanded its capabilities to capture processes, mouse clicks, keystrokes, and screen captures for elevated applications based on Rules.  And, to make it simpler, any rules including the ones you have deployed within your organization can be enabled for Session Monitoring:

PBW-Default-CricklewoodPolicy

After a session is captured, the data is compressed, encrypted, and securely transferred via policy to the Retina CS Threat Management Console. This data can be viewed, searched, and filtered to see exactly how privileged activity is used within your environment. Below is a sample from Retina CS 4.5 of what this looks like to an authorized administrator trying to change VMware workstation adapter settings:

PBW-session-viewer

The Unix world has known for a long time that recording these activities is critical for application security. PowerBroker for Unix & Linux does this natively and now with Retina CS 4.5 allows this data to be presented alongside its Windows counterparts in a single threat management console.  Regardless of platform, session and keystroke monitoring can be presented in one system. And, with the rest of BeyondTrust’s capabilities, full Privilege Identity and Vulnerability Management solutions are available as optional add-on modules.

BeyondTrust is redefining traditional security and helping companies understand the risk to users and assets. PowerBroker for Windows 6.0 allows Session Monitoring of user activity to identity the risk to applications running with elevated privileges. The art of measuring your information technology risk by user and application just got easier with BeyondTrust’s PowerBroker for Windows.

Launch a free evaluation today.

Tags:
, , , , ,

Additional articles

Vulnerability Expert Forum Highlights: April 2014

We had a great turnout for last week’s April 2014 Vulnerability Expert Forum (VEF) webcast. BeyondTrust Research experts, Carter and DJ, provided in-depth knowledge about the latest vulnerabilities and their potential impacts on network environments. Below are highlights from the Forum, plus an on-demand video of the presentation. Latest critical vulnerabilities, vendor patches, and zero-day…

Post by Chris Burd April 16, 2014
Tags:
, , , , ,
BI-5.1-user-asset-visibility-img

Understanding Who Has Access to What with BeyondInsight v5.1

Today, it’s my pleasure to introduce you to BeyondInsight version 5.1, the latest release of our IT Risk Management platform, which unifies several of our solutions for Privileged Account Management and Vulnerability Management. BeyondInsight v5.1 embodies BeyondTrust’s mission to give our customers the visibility they need to make smart decisions and reduce risk to their…

Post by Morey Haber April 15, 2014
Tags:
, , , , , , , , , , , ,

PowerBroker for Unix & Linux Now Available via Web Services

This week BeyondTrust released a fully functional Web Services interface (REST API) for its PowerBroker for Unix & Linux product.  With this new feature users of the solution will now be able to remotely and securely configure and retrieve data via the API.  The Web Services interface implemented by BeyondTrust is an industry standard that…

Post by Paul Harper April 10, 2014
Tags:
, , , , ,