BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Sneak Peek at PowerBroker Desktops 5.3 UI Enhancements

Posted August 8, 2012    Peter McCalister

Over the past several months, our development team in North Andover, MA, has been working hard on the next release of PowerBroker Desktops, which we plan on releasing in late August. The overarching theme for this release is enhancements to usability and aesthetics. Over the next several days, we will be posting a series of blogs that describe the new features in detail. Today, we’ll talk specifically about some of the new user interface elements in the product.

We have improved the user inteface in a few different ways to make it easier to navigate, reduce clicks, and make the product more intutive than ever. The first thing we did was consolodate some functionality that was spread accross several tabs. We have consolodated the Permissions, Privileges and Integrity Level tabs into what we call a Token tab. The token tab also includes the process security functionality that BeyondTrust pioneered several years ago. Here’s a screenshot of what it looks like:

We also eliminated the Common Tab and moved the functionality to the first page in the UI, and new Action options to make it easier to manually create policies. The Action options now allow you to automatically set the appropriate permissions and privileges to elevate apps and drop rights on applications, without having to visit multiple tabs in the UI.

Several of you have been asking to be able to apply policy to groups of rules. We moved some common functionality to the collections level, so that you can apply functioanlity to multiple rules instead of just to each individual rule. In addtion to being able to apply a message box and Item Level Targeting to all of the rules in a collection, you can now apply a common action. All rules that get created within a collection inherit the action defined at the collection level.

These are just a few of the user interface improvments that will be released in the next version, and we are excited to get it in your hands to check out. In the next blog post, we will be describing some of the other improvemnts that we have made to the product, so stay tuned.

Leave a Reply

Additional articles

How To Implement The Australian Signals Directorate’s Top 4 Strategies

Posted October 20, 2014    Morey Haber

The Australian Signals Directorate (ASD), also known as the Defence Signals Directorate, has developed a list of strategies to mitigate targeted cyber intrusions. The recommended strategies were developed through ASD’s extensive experience in operational cyber security, including responding to serious security intrusions and performing vulnerability assessments and penetration testing for Australian government agencies. These recommendations…

Tags:
, , , ,
asp-mvc

Exploiting MS14-059 because sometimes XSS is fun, sometimes…

Posted October 17, 2014    BeyondTrust Research Team

This October, Microsoft has provided a security update for System.Web.Mvc.dll which addresses a ‘Security Feature Bypass’. The vulnerability itself is in ASP.NET MVC technology and given its wide adoption we thought we would take a closer look. Referring to the bulletin we can glean a few useful pieces of information: “A cross-site scripting (XSS) vulnerability exists…

Tags:
4bestpracticesaudits-blog

Four Best Practices for Passing Privileged Account Audits

Posted October 16, 2014    Chris Burd

Like most IT organizations, your team may periodically face the “dreaded” task of being audited. Your process for delegating privileged access to desktops, servers, and infrastructure devices is a massive target for the auditor’s microscope. An audit’s findings can have significant implications on technology and business strategy, so it’s critical to make sure you’re prepared…

Tags:
, , , ,