BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘least privilege’

gettingleastprivright-manandkey

Getting Least Privilege Right on Windows

Posted June 30, 2014    Morey Haber

Windows doesn’t make least privilege easy Enforcing least-privilege access policies on Windows has never been easy – especially given some fundamental flaws have haunted the OS since the mid-1990s. Consider the following permissions issues: Windows 95 and 98 had a logon screen and could even be joined to the domain, but users could bypass the prompt…

Tags:
, , , , , , , , ,
smart rules manager for vulnerabilities

Staying on Top of the Latest Vulnerabilities with BeyondInsight v5.1

Posted April 21, 2014    Morey Haber

It’s no secret that dozens of new OS and application vulnerabilities are revealed every day. Staying on top of these new exposures normally requires paying for services or subscribing to multiple RSS feeds. BeyondInsight 5.1 provides customers with another option: a built-in, customizable vulnerability alerting system that delivers up-to-date information on the latest vulnerabilities in…

Tags:
, , , , , ,
BI-5.1-user-asset-visibility-img

Understanding Who Has Access to What with BeyondInsight v5.1

Posted April 15, 2014    Morey Haber

Today, it’s my pleasure to introduce you to BeyondInsight version 5.1, the latest release of our IT Risk Management platform, which unifies several of our solutions for Privileged Account Management and Vulnerability Management. BeyondInsight v5.1 embodies BeyondTrust’s mission to give our customers the visibility they need to make smart decisions and reduce risk to their…

Tags:
, , , , , , , , , , , ,

BeyondInsight: Privilege and Vulnerability Management Unification

Posted February 18, 2014    Morey Haber

Fifteen years ago there was a revolution in information technology operations. Different teams that managed networks and systems merged their practices and technology under frameworks like Computer Associates Unicenter and IBM Tivoli. Today, these solutions have evolved to CA Spectrum, SolarWinds, and SpiceWorks. These are all fantastic technologies that have proven that the fusion of…

Tags:
, , , , , ,

Least Privilege on Windows Desktops and Servers

Posted February 13, 2014    Morey Haber

We have all seen the news. Least privilege attacks on the NSA and companies like Target have lead to elevated privileges on sensitive systems and access to confidential data. Securing administrative privileges on desktops and servers is beginning to take center stage for many organizations since low level entry points are now being used to…

Tags:
, , , ,
BT_Privilege Gone Wild Infograpic v1

Privilege gone wild! Our latest survey finds privileged users are out of control.

Posted October 22, 2013    Sarah Lieber

Did you know that 40% of employees have unnecessary access rights? What about that over 25% of employees admitted to having retrieved information not relevant to their job like financial, reports, salary info, HR and personnel docs? Now have I caught your attention? As our latest security survey proves, insider threats continue to be a…

Tags:
, , , , , , , , , , , , ,
did you know

Did you know? Continuous Protection feature

Posted August 21, 2013    Morgan Holm

Did you know that the continuous protection feature in the PowerBroker Management Suite is unique in the market?  You may have heard it referred to as continuous recovery or continuous backup. What is it? – It’s like the undo feature found in MS Word but for Active Directory (AD). PowerBroker Auditor for Active Directory provides…

Tags:
, , , ,
PowerBroker-Events-Img2

Control Access and Reduce Risk

Posted June 14, 2013    Bill Virtue

In my last blog I discussed bringing the NOC and SOC closer together, providing IT Operations with tools that improve security. This week I’ll go into more specifics of the solution and show how PowerBroker for Windows is used by both IT Operations and Security Operations teams. The Challenge Supporting a security principle such as…

Tags:
, , , , , ,
NSA-breach

Think You’re Safe from Internal Threats? The NSA Breach Will Make You Think Twice.

Posted June 13, 2013    Rod Simmons

When reading a recent article in the USA Today about how Edward Snowden, a former Booz Allen Hamilton employee and NSA contractor, was able to steal sensitive data via non-specific vectors, I was reminded of the illusion that threats are predominately external to organizations. Even though we might not know exactly how Snowden was able to…

Tags:
, , , , , , , ,
IE-0day

Internet Explorer 8 0day

Posted May 6, 2013    BeyondTrust Research Team

Last week, news broke that the U.S. Department of Labor’s (DoL) website was compromised… and that it had been serving up Internet Explorer 0day to its visitors. This 0day, CVE-2013-1347 (Retina Audit 19041 – Microsoft Internet Explorer 8 Remote Code Execution Vulnerability (Zero-Day)), only affects Internet Explorer 8 on Windows XP, Vista, and Windows 7 (as well as Server 2003,…

Tags:
, , , , , , ,