Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

Transcription:

Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com

Agenda
- The Next-Gen Threat Landscape
  o Infonomics, Breaches & the Attack Chain
  o Securing Cloud, DevOps & IoT
  o Privilege Security Threats
- PAM & Privilege Security Maturity
  o Privileged Access Management
  o Privilege Security Maturity Model
- How BeyondTrust Helps

The Next-Gen Threat Landscape

Infonomics
"Infonomics is the theory, study, and discipline of asserting economic significance to information. It provides the framework for businesses to monetize, manage, and measure information as an actual asset. Infonomics endeavors to apply both economic and asset management principles and practices to the valuation, handling, and deployment of information assets."
- Infonomics: How to Monetize, Manage, and Measure Information as an Asset for Competitive Advantage by Douglas B. Laney

Notable Breaches
- Credentials hacked
- Unpatched software exploited; amplified by excessive privileges
- Credentials stolen
95% 28% 80%
- of security breaches involve privileged credentials (Forrester Wave: Privileged Identity Management, Q3 2016)
- of critical vulnerabilities in Microsoft systems could be mitigated by removing admin rights (2018 Microsoft Vulnerabilities Report)
- of breaches involve insiders (and growing) (2018 Verizon Data Breach Investigations Report)

The Cyber Attack Chain
1. Perimeter Exploitation: attacker exploits asset vulnerabilities to gain entry (Vulnerable Systems)
2. Privilege Hijacking & Escalation: hijacks privileges or leverages stolen/cracked passwords (Unmanaged Credentials and Excessive Privileges)
3. Lateral Movement & Exfiltration: and compromises other network resources (Limited Visibility)

The New Enterprise
More people, processes and technology have access to your systems and data than ever before.
- Expanding Accounts: Remote Employees; DevOps / A2A / A2DB; Cloud & IoT; Internal Employees; Partners & Contractors
- Evolving Infrastructure: Client-Server; WWW; Mobile; DevOps; IoT; Cloud
- Mainstream adoption: DevOps 60% IoT 56% Cloud 15%

Attack Surface Evolution
- Cloud & Hybrid Cloud
  o Cloud Management Platforms (AWS, Azure)
  o Virtualized Environments (VMWare, MSFT)
  o Virtualized Machines (UNIX, Linux, Windows)
  o SaaS Apps (Facebook, LinkedIn, Custom)
- Internet of Things
  o Roaming workstations
  o BYOD
  o Cameras
  o Sensors
  o Printers
  o More
- On-Premise
  o Shared Administrator Accounts
  o Desktops (Windows, Mac)
  o Servers (Unix, Linux, Windows)
  o Industrial Control Systems
  o Security Infrastructure
  o Network Infrastructure
  o Applications & Application Servers
  o Databases & Database Servers
  o Machine Credentials (AtoA)
  o Hypervisors & Virtual Machine
- DevOps
  o DevOps Tools
  o Dynamic Virtual Environments
  o Containers
  o Microservices
  o More
- Privileged Accounts
  o SaaS Admins
  o Cloud Admins
  o Application Admins
  o Privileged End Users
  o Developers
  o Machine Password & Keys

Cloud

Secure Cloud Enablement
Secure cloud enablement requires a multidisciplinary strategy!
Cloud Security:
- RESTRICT PRIVILEGES: Privileged Management
- DISCOVER & INVENTORY: Asset Management
- SCAN FOR VULNERABILITIES: Vulnerability Management
- SEGMENT NETWORKS: Network Design
- ENSURE CONFIGURATION COMPLIANCE: Hardening and Best Practices
- ENFORCE APPROPRIATE CREDENTIAL USAGE: Least Privilege Management
- ELIMINATE HARD-CODED PASSWORD: A2A Security
- GAIN ACCOUNTABILITY OVER SHARED ACCOUNTS: Password Management

Secure Cloud Transformation
In the cloud / From the cloud / Into the cloud
The New Cloud Perimeter
- Cloud Management Platforms
- Shared Administrator Accounts
- Servers (Unix, Linux, Windows)
- Applications & Application Servers
- Databases & Database Servers
- Machine Credentials (A to A)
- Security & Network Infrastructure
- Hypervisors & Virtual Machines
- SaaS Applications
- DevOps Environments
- Containers & Micro Services
- IoT Devices
- Virtual Machines, Dedicated Hardware
- Marketplace Applications
- IaaS, PaaS, & SaaS

Privilege Management for the Cloud
- Cloud-Agnostic
- Private, Public and Hybrid Environments
- License flexibility
- Asset inventory integration
- Docker and container aware
- Discover online & offline instances
- Leverage Hypervisor APIs
- Agent technologies
- Respects OA and application hardening
- Fully automated for passwords & API
- Auditing, reporting and change-aware
- Proxy access
- Session management
- Regulatory compliance

DevOps

DevOps Security Strategy
Secure DevOps:
- RESTRICT PRIVILEGES: Privilege Management
- DISCOVER & INVENTORY: Asset Management
- ELIMINATE HARD-CODED PASSWORDS: A2A Security
- GAIN ACCOUNTABILITY OVER SHARED ACCOUNTS: Password Management
- SEGMENT NETWORKS: Network Design
- ENFORCE APPROPRIATE CREDENTIAL USAGE: Least Privilege Management
- SCAN FOR VULNERABILITIES: Vulnerability Management
- ENSURE CONFIGURATION COMPLIANCE: Hardening and Security Best Practices

Privilege Automation for DevOps
- Only allow approved assets; identify unacceptable variations
- Identify security risks and automatically remediate them
- Ensure configuration hardening
- Eliminate all locations for hardcoded credentials
- Platform-agnostic, from cloud to on premise
- Limit all users, including privileged access, in the DevOps automated workflow
- Provide security and performance visibility to ensure security and automation success

IoT / IIoT

Privilege Management for IoT, IIoT, ICS, SCADA
[Diagram labels: Zones; Internet Communications and Restricted Lateral Movement; Privileged Access; Segmentation; Public; Private; Air-Gapped; Users; Servers; DMZ; Guest; Dumb Devices; Device Type & Risk; IoT; IIoT; ICS; SCADA]

The Privileged IoT Perspective
- IoT asset and inventory management
- Risk assessment with vulnerability management
- Password management and privileged session access
- Command line least privilege management
- Policy and script repository

Privilege Security Threats

Privilege Security Threats
- Guessing; Dictionary attacks; Brute Force; Pass the Hash; Security questions; Password resets
- Vulnerabilities; Misconfigurations; Exploits; Malware; Social engineering; MFA flaws
- Default credentials; Anonymous; Predictable; Shared credentials; Temporary; Reused
- Insider Threats; External Threats; Hidden Threats

Accountability for Privileges
- Privileged account discovery
- Develop permissions model
- Rotate passwords and keys
- Workflow process and auditing
- Define session monitoring
- Segmentation
- User behavior analysis

Privileged Access Management & Privilege Security Maturity

Privileged Access Management
- Provides an integrated approach to enterprise password management
- Enforces least privilege on all endpoints without compromising productivity or security
- Ensures administrator and root compliance on Unix, Linux, Windows and Mac
- Identifies high-risk users and assets by teaming behavioral analytics and risk data with security intelligence from best-of-breed security solutions
- Achieves unified visibility over accounts, applications, and assets that they protect
[Diagram labels: ENTERPRISE PASSWORD MANAGEMENT; ACTIVE DIRECTORY BRIDGING; USER BEHAVIOR MONITORING; PRIVILEGE MANAGEMENT; SESSION MANAGEMENT; ADVANCED REPORTING & ANALYTICS]

The Journey to Privilege-Centric Security (axes: Maturity, Time)
- IT ECOSYSTEM INTEGRATION; NEW ENTERPRISE DEPLOYMENT: CLOUD, DEVOPS, NETWORK/IOT/ICS/SCADA; UNIFIED MANAGEMENT, REPORTING & THREAT ANALYTICS
- Asset discovery & vulnerability scanning; Account discovery; A2A & A2DB; Password/key storage & rotation; Session recording & monitoring; Session management; FIM, VBAM, event log monitoring; Endpoint least privilege / command elevation & delegation; FIM, system-level control; Server least privilege / command elevation & delegation
- IDENTIFY & INVENTORY; IMPROVE ACCOUNTABILITY & CONTROL OVER SHARED CREDENTIALS; ELIMINATE EXCESSIVE PRIVILEGES & GAIN GRANULAR COMMAND AND TASK-LEVEL CONTROL

About BeyondTrust

Privilege-Centric Security for the New Enterprise
Privilege security solutions control, monitor and audit privileged access to systems and data across the expanding enterprise.
- Risk-Based: Accounts for user & asset risk
- Dynamic: Locations, teams, contexts
- Identity-Focused: Not network focused
- Centralized & Modular: Integrates w/ best-of-breed solutions
- Future-Ready: Built for next-gen IT environments

PowerBroker Privileged Access Management Platform
[Diagram labels: Password & Session Management; Secure Remote Access; Privilege Management; Infrastructure; Endpoints]
- Gain accountability over shared accounts
- Eliminate hard-coded passwords
- Monitor privileged sessions and user behavior
- Enforce appropriate credential usage
- Secure credentials with Privileged Identity and manage sessions with Privileged Access
- Empower and protect your service desk with the most secure Remote Support software
- Eliminate Admin\root rights
- Enforce Application & command control
- Efficiently delegate Windows, Mac, Unix & Linux privileges and elevate
- Enforce appropriate use
- Risk based privilege decisions
Cloud / Hybrid / On-Premise

Innovation Leader
- 30+ years of firsts
  o 1st fully-integrated PAM and VM platform
  o 1st to provide vulnerability insights to inform privilege decisions
  o 1st PAM vendor on all major cloud marketplaces
  o 1st Unix/Linux, Mac and network device PAM solution
- Strong roadmap
  o Active threat response
  o Context-aware PAM
  o SaaS-based PAM platform
  o DevOps secrets management
- Patented technology
  o 7 patents granted
  o 10 pending

PAM Industry Leader
- Leader: Forrester PIM Wave, 2016
- Leader: Gartner Market Guide for PAM, 2017
Table 1. PASM Vendors and Their Key Capabilities

Morey J. Haber
- 20+ years security experience
- Articles on Secure World, Dark Reading, CSO Online, etc.
- Author of Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations & Asset Attack Vectors (covering Vulnerability Management), both available from Apress Media

Questions? Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com