BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Understanding Who Has Access to What with BeyondInsight v5.1

Posted April 15, 2014    Morey Haber

Today, it’s my pleasure to introduce you to BeyondInsight version 5.1, the latest release of our IT Risk Management platform, which unifies several of our solutions for Privileged Account Management and Vulnerability Management.

BeyondInsight v5.1 embodies BeyondTrust’s mission to give our customers the visibility they need to make smart decisions and reduce risk to their IT assets and users. In my next few posts, I’ll share details on some key new features that deliver upon this mission, including:

  • New Asset Profile Data: view users, services and permissions for all detected network systems
  • QualysGuard Cloud Connector: seamlessly import QualysGuard vulnerability assessment data and view together with vulnerability data from Retina CS and other solutions
  • Custom Vulnerability Alerts: trigger custom, targeted email alerts of new or updated vulnerability audits in the Retina CS Vulnerability Management database
  • Exploit Availability Filter: isolate vulnerabilities and Smart Groups targeted by known, active exploits

As you can tell from the title of this post, we’ll start with a closer look at Asset Profile Data, which delivers increased visibility by providing asset drill-down information with complete details of all local user accounts on any given asset. The BeyondInsight console now enumerates users and permissions for each system it detects during Asset Detection and Profiling. This enables security and IT operations teams to easily identify rogue accounts and misappropriated privileges.

Consider the example in the screenshot below, which depicts user details for a particular Windows system:

BI5 1-Users

This sample workstation has several accounts for solutions created by BeyondTrust – plus a local user account for the system’s owner. This user account is in the Administrator Group and represents a policy violation for many organizations. In a typical environment, end users should not have local accounts, and they definitely should not have administrative privileges for their systems! Fortunately, with BeyondInsight v5.1, you can view this information in the user interface, document it in automated reports, and even monitor it via Smart Rules with alerts if a user attempts to create a new account on a system.

Do you have this kind of visibility into your assets today?

This detailed asset profile data doesn’t stop with BeyondInsight reporting. For instance, the next release of PowerBroker Password Safe, now in beta, will include BeyondInsight platform capabilities. Password Safe users will therefore be able to leverage asset profile data as they control, vault, and audit access to privileged user and service accounts.

Asset Profiling, along with BeyondInsight’s other platform capabilities, enables unprecedented collaboration and coordination between your privilege and vulnerability management initiatives. As a result, you gain visibility into who has access to what, which risks threaten your users and assets, and what to do to strengthen security and achieve compliance.

> Download the BeyondInsight v5.1 New Features Overview
> Request a free trial
> Learn more about BeyondInsight

Tags:
, , , , , , , , , , , ,

Leave a Reply

Additional articles

dave-shackleford-headshot

Your New Years Resolution: Controlling Privileged Users

Posted January 27, 2015    Dave Shackleford

Is 2015 the year you get a better handle on security? The news last year was grim – so much so, in fact, that many in the information security community despaired a bit. Really, the end-of-the-year infosec cocktail parties were a bit glum. OK, let’s be honest, infosec cocktail parties are usually not that wild…

Tags:
, , ,
flash-logo

Adobe Patches Zero-Day Flaw Being Exploited in the Wild

Posted January 22, 2015    BeyondTrust Research Team

Earlier this week, French malware researcher Kafeine reported on a new Adobe Flash zero-day vulnerability that was being exploited in the wild using the latest versions of the Angler Exploit Toolkit. “Any version of Internet Explorer or Firefox with any version of Windows will get owned if Flash up to 16.0.0.287 (included) is installed and enabled”…

Tags:
, , , , ,

Your Data Security Strategy Starts with Deploying a Least Privilege Model (part 2 of 2)

Posted January 22, 2015    Scott Lang

In last week’s blog, we talked about how controls and accountability must be put into place so that only the right folks can access data and the systems on which that data resides, and that employing a least privilege model helps to achieve that and more. We’re using conclusions and data from a recent report…

Tags:
, , , ,