PowerBroker Endpoint Protection Platform:
Comprehensive APT Protection
Integrated multi-layered endpoint protection in a single, lightweight client that replaces multiple security agents, protecting against Advanced Persistent Threats (APTs), known exploits, zero-days, and all other attack vectors.
Integrated Firewall, IPS, Anti-Malware, Anti-Virus and Vulnerability Assessment
Targeted attacks can easily bypass anti-virus solutions and other individual lines of defense, necessitating multi-layered endpoint protection. The PowerBroker Endpoint Protection Platform eliminates the need to implement and manage multiple point products by combining system and application firewalls, intrusion prevention, anti-malware, anti-virus, and local vulnerability assessment capabilities. PowerBroker Endpoint Protection secures systems from entire classes of attack, without constant rule or signature updates.
- Protect critical endpoints with an all-in-one firewall, IPS, anti-malware, anti-virus solution
- Conduct local vulnerability assessments of air-gapped and otherwise disconnected systems
- Protect web servers and web applications against exploits, zero-days, and unauthorized access (optional)
- Reduce system management costs with a "no-touch" solution that eliminates the need for constant updates
- Rely on updates from the renowned BeyondTrust Security Research Team
- Comprehensive APT Protection: Defend desktops and web servers (optional) against viruses, spyware, worms, Trojans, and other malicious exploits, including zero-days.
- Reduced Endpoint Protection Costs: Eliminate the licensing and support costs associated with buying and maintaining multiple endpoint security products. Lower system requirements by over 50% compared to the memory footprint of maintaining 5+ discrete endpoint security products.
- Specialized Protection for Desktops, Servers and Web Servers: The PowerBroker Endpoint Protection Suite is available in three versions that are configured and tuned for specific system types.
- Centralized Management and Analytics: Use with the optional BeyondInsight IT Risk Management Platform for centralized management, agent deployment, real-time alerting, compliance reporting, and behavioral analysis.
APT & SYSTEM PROTECTION
- Application Control: Authorize or deny program file execution based on custom policies.
- Registry Protection: Stop malicious programs or errant users from infecting or modifying systems.
- Storage Protection: Prevent data leakage by regulating USB and FireWire storage devices.
INTRUSION PREVENTION / ZERO-DAY PROTECTION
- Zero-Day Protection: Provides protection for systems containing vulnerabilities with no available patches.
- Event Analysis: Forward attack events to the BeyondInsight console (optional) for centralized reporting, alerting and management.
LOCAL VULNERABILITY SCANNING
- Offline Coverage: Perform local vulnerability scanning when local credentials and more frequent scans are required.
- Exposure Identification: Find missing patches, unsecured configurations, and zero-day vulnerabilities.
VIRUS AND SPYWARE PROTECTION
- Infection Prevention: Provides complete signature and heuristics-based attack protection.
- Event Analysis: Forward malware events to the BeyondInsight console (optional) for centralized reporting, alerting and management.
FILE INTEGRITY MONITORING
- Visibility: Specify files and directories to monitor.
- Control: Authorize changes by caller and attributes.
- Protection: Tamper-proof systems and applications.
- Traffic Control: Performs traditional firewall duties, allowing or denying traffic based on a set of predetermined rules.
- Real-Time Source Monitoring: Only allows traffic from authorized applications, preventing unauthorized programs from making illegal outbound connections.
WEB SERVER PROTECTION (OPTIONAL)
- Attack Protection: Thwart buffer overflows, parser evasions, directory traversals, and many other attack types.
- Pattern Detection: Block requests resembling attack patterns such as SQL injection, cross-site scripting, and more.
- Zero-Day Protection: Eliminate the need for a database of attack signatures that requires regular updating.
- Damage Prevention: Detect attacks and prevent unauthorized access and/or damage to the web server and host applications.
- Application Support: Support and protect all common web-based applications, plus many third-party and custom applications.
PowerBroker Endpoint Protection Platform
Download this overview document containing capabilities, highlights and competitive advantages of PowerBroker Endpoint Protection Platform. PBEPP integrates multi-layered endpoint protection in a single, lightweight client to protect against known exploits, zero-day attacks, malware, and all other attack vectors. BeyondTrust’s award-winning endpoint protection solutions are available as standalone products or as key components for our Security In Context offerings.
PowerBroker Endpoint Protection Platform and BeyondInsight
PowerBroker Endpoint Protection Platform is part of the BeyondInsight IT Risk Management Platform, which unifies Retina CS Enterprise Vulnerability Management with available PowerBroker privileged account management solutions. Capabilities include:
- Centralized solution management and control via common dashboards
- Asset discovery, profiling and grouping
- Reporting and analytics
- Workflow and ticketing
- Data sharing between Retina and PowerBroker solutions
The result is a fusion of user and asset intelligence that allows IT and security teams to collectively reduce risk across complex environments.