BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘security’

retinacs-dashboard

PowerBroker for Windows Policy Through Retina CS Web Services

Posted May 29, 2013    Morey Haber

PowerBroker for Windows has traditionally relied on Active Directory Group Policy to populate assets with the latest rules and policies. The technology also contains a utility for managing off-line systems called PBDeploy and has met the challenges for many organizations when a domain is not available for authentication. With the growing number of portable Windows…

Tags:
, , , , ,
guy-stress-m

Do you want to do this the “hard” way?

Posted May 28, 2013    Mike Yaffe

Too often I see people working on what they can fix, what is easy. It’s like when I exercise, if I see progress I keep working at it but the problem areas (there are a lot of them) can wait until tomorrow. Over the past several years I see organizations doing a better job with…

Tags:
, , , , ,
PIM-DefaultCricklewood

The Integrity of Files and Privileged Identity Management

Posted May 27, 2013    Morey Haber

The concept of privilege identity management allows for the elevation of applications and operating system functions to authoritative users based on rules and policies. While the basic context of the user does not have permissions to perform these tasks, the rules and policies in place provide a vehicle for them to operate in a privileged…

Tags:
, , , , ,
PBW-session-viewer

Session Monitoring Provides Context Aware Security for Windows

Posted May 23, 2013    Morey Haber

The Windows world is about to get a long overdue lesson from Unix. Privilege Identity Management does not stop at just logging that an application gets launched with elevated privileges; administrators need to know what the user does with that application, as well. Did they use the program within the guidelines of company policy or…

Tags:
, , , , ,
retina-virtual-graph

BeyondTrust Performs Vulnerability Assessment of VMware Solutions Better Than Anyone Else!

Posted May 15, 2013    Morey Haber

Retina from BeyondTrust performs vulnerability assessment of VMware solutions so incredibly, extremely, amazingly much better than anyone else…. Ok, I’m in product management and maybe marketing isn’t my forte, but let me explain to you in all seriousness why I think we’ve done something pretty special here. First, let me pose some real world questions…

Tags:
, , , , ,
RNSS-Video-Screenshot

Data Discovery using the Retina Network Security Scanner

Posted May 9, 2013    Morey Haber

One of the challenges facing every organization is locating where Personally Identifiable Information (PII) resides on workstations and servers. This data, by nature, is sensitive. However, if this data is not properly being tracked, secured, or even encrypted it can result in data loss. This type of data loss can result in a violation of…

Tags:
, , , , , ,
cnbc-uk-video-maiffret

CNBC Interview Featuring our CTO: Security Takes a Backseat in Tech

Posted April 22, 2013    Sarah Lieber

Marc Maiffret, our CTO, was interviewed earlier today in the UK on CNBC. He tells CNBC most aspects of society are being built around technology and most companies aren’t building technology with security in mind. In the interview, Marc states: “Most aspects of society today are being built around technology from every facet. If you…

Tags:
, , , , , ,
darkleech

A Brief Overview of Darkleech

Posted April 4, 2013    BeyondTrust Research Team

A piece of malware, Darkleech, has been making the news rounds as of late. This one targets web servers, specifically Apache 2.2.2 and above. Instead of merely compromising a web server and uploading malicious content to be served to unsuspecting victims, Darkleech goes a step further by installing a special module that is loaded by…

Tags:
, , , , ,
trojanhorse

Vendor-Disclosed Zero Days and Targeted Trojans

Posted April 3, 2013    BeyondTrust Research Team

Here at BeyondTrust, we are constantly keeping an eye on the underground parts of the internet, monitoring for things like zero day vulnerabilities and how malware authors are exploiting vulnerabilities in the wild. As such, we wanted to keep you apprised of a vulnerability that was addressed within VMware ESXi 5.0. A patch was released…

Tags:
, , , , , , ,
MandiantAPT1report

Mandiant APT1 report, some unanswered questions.

Posted February 21, 2013    Marc Maiffret

For the last several years there has been an increasing number of accusations being made against China and its military as being behind the systematic targeting of organizations throughout the world in a sophisticated hacking campaign to steal data and access to further China’s economic, military and social agendas. These accusations come from a mass…

Tags:
, , , ,