Beyondtrust

Welcome to our content library. Feel free to browse.

Our security experts have compiled a plethora of resources together to help you get more value out
of BeyondTrust products and solutions.

ON-DEMAND Webcasts

Hacks, Breaches, and Vulns, Oh My! Reviewing this Year’s Top Security Events & Planning for 2015 w/ SANS Instructor, Dave Shackleford
Hacks, Breaches, and Vulns, Oh My! Reviewing this Year’s Top Security Events & Planning for 2015 w/ SANS Instructor, Dave Shackleford

Whew! The year 2014 has been quite a ride for security professionals. We’ve seen major data breaches, huge problems with open source libraries and software, new types of attacks on critical infrastructures and embedded devices, and much more.

Join SANS Instructor and Founder of Voodoo Security, Dave Shackleford for a webcast that will recap some of the most interesting and important security happenings from 2014, with an eye toward what to expect in 2015. He’ll also take a look at some ways you can possibly prevent some of the biggest issues from 2014 from happening all over again next year.

Uncovering the One Common Thread of all Major Attacks w/ Larry Brock, former CISO at Dupont
Uncovering the One Common Thread of all Major Attacks w/ Larry Brock, former CISO at Dupont

Today’s threats from advanced targeted attacks and privileged insiders require companies to significantly improve their abilities to manage their privileged accounts. In this webcast, Larry Brock, former CISO at Dupont, will discuss the one common thread of all recent major attacks; compromised privileged credentials.

Join this insightful webcast to find out why it is critical to address these threats and learn:

  • Why your CEO is concerned and what the business drivers are
  • Pitfalls to avoid when managing privileged credentials
  • Best practices for implementing least privilege and escalating privileges
  • Tips for session management and monitoring
  • What to look for in privileged account management suites


...or watch Larry give this presentation live at the 2014 Gartner IAM Summit:

Rewinding Sony Pictures: 5 Privilege and Password Management Strategies for Avoiding Epic Security Breaches
Rewinding Sony Pictures: 5 Privilege and Password Management Strategies for Avoiding Epic Security Breaches

The recent Sony Pictures breach was devastating and embarrassing on many fronts. Attackers exposed several violations of security best practices, revealed thousands of unprotected passwords, and published reams of sensitive information.

Join BeyondTrust for a webcast presentation that will explore what we know about the Sony Pictures breach and discuss password and privilege management strategies that would have contained the damage – if not prevented the initial compromise.

During the webcast, Rod Simmons, product group manager at BeyondTrust, will analyze the Sony Pictures breach and present practical tips for:

  • Protecting and rotating passwords
  • Monitoring privileged access to sensitive systems
  • Flagging suspicious user and system activity in real time
  • Securing connections via bastion hosts
  • Eliminating administrator privileges without hampering productivity

This presentation is ideal for IT and security leaders charged with protecting passwords and managing privileged access to critical infrastructure.

Your Operating System's Secrets: How to Audit and Detect Changes & Hidden  Launch of Malicious Code w/ Security Expert MVP, Paula Januszkiewicz
Your Operating System's Secrets: How to Audit and Detect Changes & Hidden Launch of Malicious Code w/ Security Expert MVP, Paula Januszkiewicz

Where would you look if you were required to gather information about changes and activities in your Active Directory or operating system? What would you do if an attacker got into your infrastructure, used a server’s misconfiguration, and created themselves an account? Those possibilities are endless and very frightening to any IT security person. The dark secrets your operating system may be hiding seem endless but there are ways to audit, trace, and protect beyond what you may actually see. Join Security Expert & MVP, Paula Januszkiewicz and see firsthand how to perform varying analyses and audits to gather evidence and identify malicious and unwanted actions within your infrastructure.

Join Security Expert, Paula Januszkiewicz in this engaging session and become familiar with:

  • Tracking system-related changes and updates
  • Establishing informative monitoring & auditing techniques
  • Identifying what areas malware may be leveraged
  • Tracing the steps of unnecessary changes or malicious activities
Executive Roundtable: Knocking Out IT Security Threats in 2015
Executive Roundtable: Knocking Out IT Security Threats in 2015

As we approach the end of 2014, it’s important to look back on the year in cybersecurity and reflect on what we can do better. 2014 was a year full of cybersecurity news, with companies and government entities of all sizes being severely impacted by internal and external threats. With the volume and veracity of hacks and breaches that took place this year, we have to ask ourselves important questions as we move into 2015, including:

  • How did our security programs measure up?
  • Where did we fall short?
  • How can we be better prepared and focused for 2015?

Join this engaging webcast with three seasoned security executives who will discuss their thoughts around the industry and their approach to tackling security in 2015. This interview and panel discussion will touch on their viewpoints from both vulnerability and privilege management perspectives, while addressing tough questions, including:

  • How can companies better prepare for and mitigate insider threats?
  • Are brute force attacks still an issue and something to look out for in 2015?
  • What is the value of cyber intel?
  • How can companies implement cybersecurity best practices?
  • What is the end state for cybersecurity?

Panelists: Marc Sachs, Vice President for National Security Policy; Geoff Hancock, Senior Cybersecurity Executive; Marc Maiffret, CTO at BeyondTrust

Interviewer: Mike Yaffe, VP of Marketing at BeyondTrust

Active Directory Auditing Tips to Reduce Clutter & Improve Security w/ Microsoft MVP, Darren Mar-Elia
Active Directory Auditing Tips to Reduce Clutter & Improve Security w/ Microsoft MVP, Darren Mar-Elia

In this webcast Darren Mar-Elia, Microsoft MVP, will show you how auditing works in Active Directory and how to configure and deploy it to reduce clutter and improve security. He’ll dive into how you can manage auditing using Group Policy, what the various audit events mean, and how you can configure auditing to get the most useful information around Active Directory changes.

He’ll also show live examples of configuring auditing and making sense of specific audit events, and how you can augment the default auditing in AD through changes to object SACLs.

Join this engaging webcast with Darren to learn:

  • How to configure AD auditing using Group Policy
  • Best practices for tuning auditing to reduce noise
  • How to modify what gets audited within AD
  • How to interpret native auditing events
Improving Student Outcomes without Compromising Security: The Higher Ed CISO in 2015 w/ Wayne Brown, Founder at CHECS
Improving Student Outcomes without Compromising Security: The Higher Ed CISO in 2015 w/ Wayne Brown, Founder at CHECS

The volume and veracity of attacks and breaches continues to rise and institutions of higher education are looking to the CISO to create an environment that mitigates risks without compromising the institution's mission or inhibiting student outcomes.

Attend this webcast and learn how the results of the CHECS survey of higher education CISOs and CIOs will help you define:

  • The state of your current information security program
  • The CISOs place in the organizational hierarchy and CIO and CISO opinions on the right place for the CISO
  • Attributes and skills needed for the role of CISO
  • How to prepare for the CISO role and the CISO career path
Improving Windows Security and User Empowerment w/ Derek Schauland, Microsoft MVP
Improving Windows Security and User Empowerment w/ Derek Schauland, Microsoft MVP

With the increase in malware, unintended installations, and the heavy reliance on administrative access on Windows desktops today, Microsoft's User Account Control (UAC) can be a good tool to use in keeping an environment secure against these ever-evolving threats. It's a good start but unfortunately UAC is not perfect.

Join this engaging webcast with Derek Schauland, Microsoft MVP, and learn how you can effectively amp up your Windows desktop security while still empowering users to get their jobs done. Learn how PowerBroker for Windows helps companies work with User Account Control to ensure that employees can access the applications they need without needing it to disable the feature.

Takeaways for this session:

  • Understanding the good and the bad of User Account Control (UAC)
  • See how UAC can work with other solutions to help keep systems secure and allow the empowerment of End Users
  • Be able to explain UAC to others on your team and throughout the organization so key players can see why certain decisions are necessary and why security should be a top priority
Boost Your IT Security for the Holiday Season
Boost Your IT Security for the Holiday Season

The holidays are generally a time for family, friends and cheer, but with all of this cheer comes something lurking in the dark; security breaches. As we prepare for the upcoming holiday season, it is imperative for organizations to understand the importance of implementing a security and compliance strategy. The most important components to address are least privilege, auditing, password management, and compliance.

Join this engaging webcast, hosted by Oracle and BeyondTrust, to learn how you can best protect your organization during the upcoming holiday season. By attending this webcast, you'll learn:

  • Why it's important to implement a least privilege strategy this holiday season
  • Understanding your organization’s data security compliance efforts
  • Managing and implementing least privilege with BeyondTrust PowerBroker & Oracle Linux
  • What you can do NOW to beef up your organization’s security & compliance program
Why Password Authentication is Broken, and How to Fix It w/ Dave Shackleford, SANS Instructor
Why Password Authentication is Broken, and How to Fix It w/ Dave Shackleford, SANS Instructor

At the beginning of August, a news story broke claiming that Russian hackers had stolen over a billion internet passwords. In later weeks, some skepticism was cast on that story in its entirety, but that story is really just another in a long line of password breaches.

This begs the question - why do we keep experiencing these breaches? What impact do they have, and how do we get ahead of this concern? In this webcast with SANS Instructor, Dave Shackleford, we'll examine some of the more high-profile password breaches in the recent year, and look at why these may be happening. We'll also explore how more attention to privileged account and vulnerability management can play a big role in getting a handle on these types of issues in your own environments.

What the Sleeping Security Guard Taught me about Privileged Account Management w/ Drew Maness, Chief Strategist at Cypro Solutions
What the Sleeping Security Guard Taught me about Privileged Account Management w/ Drew Maness, Chief Strategist at Cypro Solutions

A decade ago "Convergence" – the combining of physical and digital security – was heavily debated by the greater Infosec community. Convergence never really took traction. While similar in their tactics; loss prevention and cyber security’s approach to solving their respective problems are different. What could the IT Security professional have to learn from the sleeping security guard?

During this webcast, Drew Maness, Chief Strategist at Cypro Solutions, will discuss how his experience running a dual Loss Prevention and Digital Content Protection program enhanced his approach to cyber security and privileged account management. Drew will walk attendees through the importance of fusing together the concepts of physical security, workflow data classification, least privilege, and vulnerability management.

During this webcast Drew will also discuss:

  • Why identifying workflow and data movements is critical to internal and external risk reduction
  • Understanding the insider threat
  • How physical controls should complement your least privilege strategy
  • How to implement a holistic vulnerability and privilege management blueprint

This webcast is ideal for any IT Security professional interested in practical lessons from the real-life successes (and failures) of a true veteran in the field.

Tips for removing privileged credentials from Windows users without impacting usability w/ Russell Smith, Author and IT Security Consultant
Tips for removing privileged credentials from Windows users without impacting usability w/ Russell Smith, Author and IT Security Consultant

Join Russell Smith, author of Least Privilege Security for Windows 7, Vista and XP, and learn about strategies for securing end user accounts without negatively impacting usability. This webcast looks at using technologies native to Windows to minimize the risk of system and data compromise, including solving problems with legacy application compatibility in least privilege environments, application control, User Account Control (UAC), and embracing Microsoft’s new application architecture (Windows Store apps) in Windows 8.

During the session attendees will learn:

  • How the Application Compatibility Toolkit (ACT) can solve compatibility problems associated with legacy applications running in least privilege environments
  • Why using Windows 7 (and later) AppLocker is important in addition to removing administrative rights
  • Why User Account Control isn’t just about annoying security alerts
  • The security benefits of apps developed using the Windows Runtime (WinRT), and allowing users to install apps from the Windows Store
Turbocharging Group Policy Auditing: Upgrading Microsoft's 'Standard Equipment' w/ Jeremy Moskowitz, Group Policy MVP
Turbocharging Group Policy Auditing: Upgrading Microsoft's “Standard Equipment" w/ Jeremy Moskowitz, Group Policy MVP

Microsoft’s Group Policy is awesomely powerful. With one click, you can increase conformity to desktops, update look and feel settings, and increase overall desktop security. But when Group Policy Objects and their settings are created and edited, do you know what happens underneath the hood? An even better question is how do you audit these types changes? When you have a team of administrators, are you able to answer the questions; “who made what change?” and “did my setting actually make it there?”?

Join this engaging webcast with Jeremy Moskowitz, Group Policy MVP and Founder of GPanswers.com and PolicyPak Software, to learn exactly what’s possible with Microsoft’s in-the-box utilities and additional techniques to ensure that when you make changes, you have a true handle on what’s happening within your network.

Password Credential Theft Techniques and Prevention Methods w/ Microsoft Security Trusted Advisor, Paula Januszkiewicz

Wherever and whenever you log on to any Windows workstation or servers you leave your password credentials behind. The common knowledge is that when we set up our password in Windows it is hashed and stored either in SAM or a ntds.dit database in Active Directory. This is useful for verification purposes, but if your operating system can re-use the password it means others can decrypt it! Another thing is that when a hash is cached may be reused for authentication later.

Join Paula Januszkiewicz, Enterprise Security MVP and Microsoft Security Trusted Advisor, in this engaging webcast to learn about the famous pass-the-hash attack, learn the encryption and decryption techniques being used nowadays in systems, networks, and applications, and learn how to prevent password credentials from being leaked!

  • How to prevent password credential leakage in Windows
  • How credential attacks work
  • What is the role of cryptography for passwords in Windows
  • How Pass-The-Hash attacks work and how to prevent them
Know Thy User: An Actionable Guide to Privileged Account Management
Know Thy User: An Actionable Guide to Privileged Account Management

Organizations spend a significant amount of money on cyber security, but more often than not they don't focus on the right areas; internal threats. A key theme of security is Know Thy System & User. An organization cannot protect what it does not know about. Very often organizations focus their energy on advanced techniques but fail to build a proper privilege foundation that is required for success. Only by implementing least privilege, asset identification, configuration management and change control can an organization build security, inside and outside, that works.

In this engaging talk, Dr. Cole will discuss actionable items that show how to build a defendable network from the inside out. Find out what the top organizations are doing in setting up least privilege and access to properly protect their organizations.

Herding Cats: Best Practices for Windows Access Control and Privilege Management w/ Kevin Johnson, Secure Ideas
Herding Cats: Best Practices for Windows Access Control and Privilege Management w/ Kevin Johnson, Secure Ideas

It’s no secret that granting excessive privileges to Windows users is a breach waiting to happen, whether by malicious insiders or at the hands of an external attackers. But how do you rein in your end users without them hissing at every turn?

During this webcast, Kevin Johnson of Secure Ideas will present best practices for handling Windows authentication and access control. He will present techniques for discovering often-missed access and privilege issues within your organization's internal systems. You’ll also learn how to secure these problem areas without creating new headaches for your end-users (and yourself).

Key takeaways include:

  • A checklist of Windows access control and privilege pitfalls
  • Techniques for identifying and addressing problem areas
  • Tips for balancing security and end-user productivity
BadUSB: Is firmware the next major attack surface? w/ SANS Instructor, Dave Shackleford
BadUSB: Is firmware the next major attack surface? w/ SANS Instructor, Dave Shackleford

Recently, security researchers in Germany outlined a new type of USB firmware attack that could be used to completely hijack systems and introduce malware, redirect network traffic, and much more. Dubbed "BadUSB", this type of attack raises serious questions about hardware integrity, supply chain security, and how we currently prevent or detect deeply embedded malware. How can organizations prevent introduction of unauthorized devices that could potentially be infected with malware, at the firmware level?

Join Dave Shackleford, SANS Instructor & Founder, Voodoo Security in an engaging webcast where he'll discuss:

  • The "BadUSB" attack and other firmware security research and attacks of the last several years
  • Why you need to develop a sound supply chain security program
  • How privileged account and vulnerability management can help reduce your risk of unauthorized devices and related attacks
Vulnerability Management & Insider Threats from a Government Hacker’s Perspective with Marc Maiffret
Vulnerability Management & Insider Threats from a Government Hacker’s Perspective with Marc Maiffret

Government agencies are confronting a threat landscape which is increasing in complexity and sophistication. Vulnerability assessment tools play a critical role in protecting the network from internal and external threats. Establishing controls around privileged access requires special attention in order to guard against threats that have commonly been seen in the headlines and forced organizations to re-evaluate whom has administrative privileges and how are they being used.

Join our webcast to maximize your situational-awareness about:

  • Privilege Account Management to create an internal perimeter with privileged access policies, auditing, and reporting.
  • Fusing Vulnerability and Privilege Management towards a common goal of security and operations collaboration.
  • Continuously monitoring your infrastructure with agency-specific security control settings and dedicated reports.
  • Redefining Insider Threats – how they can begin from outside and become real problems on the inside.
Build the Best Line of Defense for Your Windows Desktops w/ Microsoft MVP, Darren Mar-Elia
Build the Best Line of Defense for Your Windows Desktops w/ Microsoft MVP, Darren Mar-Elia

What's your defense strategy to protect against internal and external threats on your Windows desktops? During this live webcast presentation, Darren Mar-Elia, Microsoft MVP and Contributing Editor at Windows IT Pro Magazine, will take a look at what it takes to secure your Windows desktops against today’s internal and external threats. He’ll examine the collection of technologies within the Windows client OS for securing your Windows desktops and keeping your users and networks safe.

Darren will look at User Account Control (UAC) and other technologies that can help get to least privilege on user desktops, application white-listing using AppLocker, IE protected mode, and related features that can help ensure your desktops are well managed and secured.

By attending this webcast, you’ll learn:

  • The various technologies in the current Windows OS for securing the desktop
  • The whys and hows of least privilege on Windows desktops
  • Best practices for securing your Windows desktops (including an overview of in-the-box and 3rd party solutions)
The Little JPEG that Could (Hack Your Organization)
The Little JPEG that Could (Hack Your Organization) w/ Cyber Security Manager & Microsoft MVP, Marcus Murray

It’s amazing how easily modern IT environments can be breached and traversed, making exhaustive privilege and vulnerability management programs more critical than ever.

Please join us for a live demonstration of how easy it is for attackers to completely compromise your network during a webcast with Marcus Murray, Cyber Security Manager at TrueSec.

In this awareness session, Marcus Murray will demonstrate a live hack where he uses a specially crafted JPEG picture to circumvent the security mechanisms of a modern Microsoft Windows server 2012R2 Webserver. He will also use this foothold to leverage elevated privileges to expand influence over the entire network and compromise a Windows Server 2012 R2 Domain Controller. You’ll learn:

  • How attackers can use seemingly legitimate files to open the door to your network
  • How unchecked privileged accounts can provide attackers with a free ride to critical systems and data
  • Which countermeasures you can take to increase security in your environment.
The Privileged Identity Management Health Check with guest speaker Andras Cser, VP and Principal Analyst with Forrester Research, Inc.
The Privileged Identity Management Health Check with guest speaker Andras Cser, VP and Principal Analyst with Forrester Research, Inc.

The purpose of this webcast is to help companies understand the importance of a Privileged Identity Management (PIM) platform and analyze recent PIM trends in threat mitigation, behavioral analytics, business user involvement, and cloud support. In this webcast, Cser offers his insight into the following four trends in PIM and how they can work for your business:

  • PIM as threat mitigation
  • Behavioral analytics to separate out anomalies
  • Business user and privileged user overlap
  • Organized and secured cloud operations

For more of Cser’s insight into PIM trends, and for Forrester’s view of what’s to come, view the on-demand webcast below.

Saving Time and Money with a Security Consolidation Strategy w/ SANS Instructor, Dave Shackleford
Saving Time and Money with a Security Consolidation Strategy w/ SANS Instructor, Dave Shackleford

Typically in smaller organizations IT folks wear many hats; operations, security, compliance, etc. Managing IT in a smaller sized organization has the same challenges as the larger ones, but with a greater limit on resources (people and dollars). Often smaller organizations have to make trade offs when it comes to security and compliance. This, coupled with the fact you are constrained to maximize your existing investments often leaves security as an afterthought.

Join SANS Analyst, Dave Shackleford in a webcast, where he'll discuss the various challenges SMBs face when implementing both vulnerability management and privileged account management programs, including technical and operational concerns. Dave will touch on:

  • The key benefits organizations can glean from working with vendors that offer best-in-class solutions for each of the critical controls
  • How compliance and auditing programs can achieve more effective results
  • Can consolidating vendors be the answer?
PowerBroker Password Safe 5.2: A New Approach to an Age-Old Problem
PowerBroker Password Safe 5.2: A New Approach to an Age-Old Problem w/ BeyondTrust Product Manager, Martin Cannard

Over the past several years, we've seen many cases where privileged user accounts were compromised as part of large-scale breaches. Your assets are only as strong as the weakest link, and attackers have shown how shared accounts can be easily exploited to gain unauthorized access.

This webcast will explore privileged account management challenges facing organizations today and highlight how PowerBroker Password Safe v5.2 can help you achieve compliance by controlling access to your business-critical information. You will learn:

  • How asset scanning and auto-discovery can help assess, control and maintain security for privileged accounts
  • How to ensure a positive end-user experience when implementing a password management solution
  • How integrated privilege and vulnerability management can bring greater context to daily security initiatives

AD Change Auditing: Separating the Good from the Bad
AD Change Auditing: Separating the Good from the Bad

Changes in AD are not like other infrastructure changes. Many changes, like updating a department name, might pose little risk. Other changes impact compliance and could dramatically impact user authentication and productivity across the organization. Even though AD is not typically subject to rigorous change control, there is value in having some change control around critical AD changes, but which changes make sense to control?

During this live webcast presentation, Darren Mar-Elia, Microsoft MVP and Contributing Editor at Windows IT Pro Magazine, will discuss AD auditing and what makes sense to monitor in AD and what’s a waste of time. You'll learn:

  • Which AD change scenarios make sense to put under change control
  • What you should be auditing for compliance and why
  • How to leverage AD auditing effectively
  • How to prevent AD changes that can hamper user productivity

This webcast is ideal for AD administrators that want to save time and effort, and security leaders responsible for reducing risk to their organization.

How to Stop Pass-the-Hash Attacks on Windows Desktops w/ SANS Instructor, Dave Shackleford
How to Stop Pass-the-Hash Attacks on Windows Desktops w/ SANS Instructor, Dave Shackleford

One of the most popular presentations at Microsoft TechEd demonstrated how simple it is to leverage password hashes stolen from a single end-user machine to compromise entire IT infrastructures. Unfortunately, most organizations still rely on ineffective techniques to prevent Pass-the-Hash from opening doors to attackers.

Join BeyondTrust and Dave Shackleford, SANS analyst and owner of Voodoo Security, for a discussion of how Pass-the-Hash attacks work and how to secure your organization against them. You’ll learn:

  • Why attackers love Pass-the-Hash and what puts you at risk
  • How to measure your susceptibility to Pass-the-Hash attacks
  • What to do to mitigate Pass-the-Hash threats in your environment

As an added bonus, all attendees will receive a free 30-day trial of PowerBroker for Windows, a privilege management solution that can prevent Pass-the-Hash attacks from wreaking havoc on your network.

CISO Peer Webcast: Aligning Privilege and Vulnerability Management w/ former Dupont CISO, Larry Brock
CISO Peer Webcast: Aligning Privilege and Vulnerability Management w/ former Dupont CISO, Larry Brock

In today's hectic threat environment, peers and mentors can provide fresh perspectives on tackling IT security challenges. With a 30-year career, including CSO of Dupont and security leadership positions at the U.S. NSA, Larry Brock is a good guy to have at your table. Join BeyondTrust for the first in a series of CISO Peer webcasts in which Larry will share actionable tips gleaned from working with some of the world's most security-conscious organizations.

During this first webcast in the series, Larry will discuss how to align your organization's privilege and vulnerability management activities for more agile and efficient risk reduction. You'll hear how he did this at Dupont and learn from case studies on:

  • Evolving risk management practices to stay current with business and compliance drivers
  • Understanding the connections between user- and asset-based risks in your environment
  • Facilitating streamlined, collaborative risk reduction between Security and IT Operations groups
  • Creating a prioritized action plan for addressing the imminent threats

This webcast is ideal for any security leader interested in practical lessons from the real-life successes (and failures) of a true veteran in the field.

CISO Peer Webcast: Aligning Privilege and Vulnerability Management w/ former Dupont CISO, Larry Brock
Is Your User Security Program Risky or Risk-Focused? w/ SANS Instructor, Eric Cole

It’s a fact: Poorly managed user privileges will torpedo otherwise secure IT infrastructure. Too often, security programs concentrate on the scan/patch cycle while losing focus when it comes to user security.

During this live webcast presentation, Dr. Eric Cole, a key participant in the development of the 20 Critical Security Controls (CSC) will share straightforward tips for implementing Controls 12 and 14-16, which are designed to mitigate user-based risk. You’ll learn:

  • How external attackers take advantage of excessive user privileges
  • What you should be auditing and what to look for in audit logs
  • Why “Need to Know” and “Least Privilege” should be part of your lexicon
  • How to monitor and control accounts without hampering user productivity

This webcast is ideal for security leaders responsible for reducing user-based risk in corporate or government IT environments.

Surviving the Vulnerability Data Maelstrom w/ SANS Instructor, Dave Shackleford
Surviving the Vulnerability Data Maelstrom w/ SANS Instructor, Dave Shackleford

Everyone knows that vulnerability management (VM) is best practice, but are you sure your vulnerability program is really working amidst all the noise? If your VM processes are like most, you're probably drowning in information, figuring data you can cling to, and wondering whether your scanning and reporting tools are revealing real risks (or just throwing every tiny issue at you). Join Dave Shackleford, founder of Voodoo Security and SANS senior instructor, for a BeyondTrust webcast covering:

  • How to isolate what's really important from reams of vulnerability data
  • Which factors most influence vulnerability risk and criticality in your environment
  • Who should be involved in the VM process, and how to motivate them with the right data
  • How to weave vulnerability management into your organization's broader day-to-day operations

Dave will also share his latest tips for keeping your vulnerability management processes efficient and effective in the current threat environment. You’ll walk away with practical guidance for improving your VM program today.

Leveraging AD as a Unified Identity Store with Group Policy MVP, Darren Mar-Elia
Leveraging AD as a Unified Identity Store with Group Policy MVP, Darren Mar-Elia

AD is in use in almost organization these days, to varying degrees. But there is a significant advantage in building a unified identity store on top of the directory. From authentication and authorization for users, to applications, to a variety of platforms, AD can provide a single “source of truth” for identifying people and their functions despite organizational changes.

In this webcast, Darren Mar-Elia, Group Policy MVP and Contributing Editor at Windows IT Pro Magazine, discusses the advantages of consolidating identity on AD, including greater ongoing control over access to corporate resources and a single platform to audit that use. He also looks at ways you can reduce your identity footprint by consolidating onto AD, and how it can help as you move into the world of cloud identity.

Accelerate and Simplify Deployment of PowerBroker using Oracle VM Template
Accelerate and Simplify Deployment of PowerBroker using Oracle VM Template

Oracle VM application-driven architecture is designed for rapid application deployment for both Oracle and non-Oracle workloads. Using Oracle VM Templates, entire application stacks can be pre-installed, pre-configured for rapid deployment. With Oracle VM Template for BeyondTrust's PowerBroker, customers can standardize the deployment of their security software, eliminate the installation and configuration costs, and reduce the ongoing maintenance and support costs, hence helping organizations achieve faster time to market.

Join us to hear from Oracle and BeyondTrust experts on how you can benefit from the combined solution to further automate and simplify the deployment of real security in your IT environment.

Are You a Target: Understanding What Happens in Breaches like Target's
Are You a Target: Understanding What Happens in Breaches like Target's

In this presentation, Kevin Johnson, SANS Senior Instructor and CEO of Secure Ideas, will walk through what we know of the breaches such as Target's, Macy's and Neiman Marcus. This 60 minute webcast will first look at the public information then walk through how the scenarios work. We will then outline some ways that you can find out if your organization has similar problems. Attend this webcast with Kevin Johnson to get a complete understanding of:

  • How attacks like the Target breach happen in the first place
  • The various attacks possible
  • The techniques that can be used to help prevent these problems in the future
Understanding & Prioritizing Today's Threats
Understanding & Prioritizing Today's Threats

Security is no one-size-fits-all endeavor. In this Webcast, you will learn from the experts how to determine and prioritize which threats apply to your enterprise and how to build in the appropriate defenses against today's constantly evolving attacks. This webcast will provide insight and advice from renowned security experts on how to:

  • identify which new and existing threats could be used against your organization
  • prioritize these applicable threats
  • pinpoint the proper security practices and processes to protect your resources
  • find possible weak links in your infrastructure that could be abused
  • establish a strategy for triaging new threats
Are Your Security Controls Built on Sand or Stone w/ Eric Cole of SANS
Are Your Security Controls Built on Sand or Stone w/ Eric Cole of SANS

Everyone knows that a house without a solid foundation will not last very long. However, when it comes to IT security, too many organizations focus on building a beautiful house without laying the proper foundation. During this presentation, Dr. Eric Cole, a key participant in the development of the 20 Critical Security Controls (CSC) will share straightforward tips for implementing Controls 1-4, which form the bedrock of the CSC:

  1. Inventory of Authorized and Unauthorized Devices
  2. Inventory of Authorized and Unauthorized Software
  3. Secure Configurations for Hardware and Software
  4. Continuous Vulnerability Assessment and Remediation

While seemingly straightforward, these controls are often overlooked or improperly addressed – as made evident by several recent breaches. You’ll learn:

  • Where big organizations stumble + why small companies aren’t safe
  • What you need to do to really understand what’s in your environment
  • How to move from vulnerability scanning to vulnerability management
  • How to integrate these practical controls into your daily operations
Part Two: Achieving HIPAA Compliance in Virtual Environments with BeyondTrust Privilege and Vulnerability Management Solutions
Part Two: Achieving HIPAA Compliance in Virtual Environments with BeyondTrust Privilege and Vulnerability Management Solutions

If your organization is migrating sensitive data to virtual data centers, you know that adhering to PCI DSS, HIPAA and other compliance mandates can be a challenge. Aligning internal security processes with regulations and generating reports is notoriously time-consuming and costly. BeyondTrust can help.

Please join BeyondTrust and Coalfire for a two-part webcast series focused on how you can leverage BeyondTrust Privileged Account Management (PAM) and Vulnerability Management (VM) solutions to fulfill specific PCI DSS and HIPAA requirements for virtual environments.

Part One: Achieving PCI Compliance in Virtual Environments with BeyondTrust Privilege and Vulnerability Management Solutions
Part One: Achieving PCI Compliance in Virtual Environments with BeyondTrust Privilege and Vulnerability Management Solutions

If your organization is migrating sensitive data to virtual data centers, you know that adhering to PCI DSS, HIPAA and other compliance mandates can be a challenge. Aligning internal security processes with regulations and generating reports is notoriously time-consuming and costly. BeyondTrust can help.

BeyondTrust and Coalfire host a two-part webcast series focused on how you can leverage BeyondTrust Privileged Account Management (PAM) and Vulnerability Management (VM) solutions to fulfill specific PCI DSS and HIPAA requirements for virtual environments.

Best Practices for Active Directory Auditing w/ Group Policy MVP, Darren Mar-Elia
Best Practices for Active Directory Auditing w/ Group Policy MVP, Darren Mar-Elia

Active Directory is THE identity store for many organizations — providing authentication and authorization for critical company resources. As a result, knowing what is changing within AD, whether it's group membership changes, user department changes or objects moving around the directory, you need to know about it in a timely manner to ensure that policies around data access and resource usage are consistent with your security and compliance needs. In this webcast, Darren will discuss the ins and outs of AD auditing, including:

  • How auditing works in modern versions of Windows Server
  • Best Practices for configuring AD auditing for maximum benefit and minimum noise
  • What you can expect from native AD audit data—the benefits and pitfalls
Fusing Privilege and Vulnerability Management with BeyondInsight
Fusing Privilege and Vulnerability Management with BeyondInsight

The BeyondInsight IT Risk Management Platform is an integrated suite of Privileged Account Management and Vulnerability Management software solutions used by IT professionals and security experts to collaboratively:

  • Reduce user-based risk and mitigate threats to information assets
  • Address security exposures across large, diverse IT environments
  • Comply with internal, industry and government mandates
  • Provide synergy and collaboration for multiple teams from operations to security

Join us for a 1 hour webcast where we will walk you through the situation of the current threat landscape, the new features and functionality of BeyondInsight, and why it's important to organizations today.

SANS Analyst, Eric Cole in 'Leveraging the Critical Security Controls to Mitigate User and Asset-based Risk'
SANS Analyst, Eric Cole in "Leveraging the Critical Security Controls to Mitigate User and Asset-based Risk"

The 20 Critical Security Controls (CSC) have been proven by top public and private security agencies to effectively mitigate cyber threats. During this presentation, Dr. Eric Cole, SANS fellow and a key participant in the development of the (CSC), will focus on the 8 controls specifically designed to address user and asset-based risks. In this webcast, you will learn:

  • The 5 Critical Tenets of an effective cyber defense system
  • The 5 Quick Wins that can deliver solid risk reduction with minimal hassle
  • Techniques for gaining a better understanding of vulnerabilities, privileges and other key points of exposure

You'll walk away with practical tips for leveraging the CSC to more effectively mitigate user and asset-based risk throughout your organization.

  • Where privilege and vulnerability management fit into today’s threat landscape
  • Which asset and user data points are key to understanding and prioritizing vulnerabilities
  • What steps you can take to interconnect your privilege and vulnerability management processes
The 5 Things Every Linux Administrator Should (and Should Not) Do When It Comes to Privileged Account Management
The 5 Things Every Linux Administrator Should (and Should Not) Do When It Comes to Privileged Account Management

Join Avi Miller, Product Manager, at Oracle and Paul Harper, Product Manager, at BeyondTrust for a 60 minute joint webcast which will cover the 5 Do’s and 5 Don’ts when it comes to privileged account management. They will also cover specifically how you can protect privileged accounts within the Oracle VM and Oracle Linux environment with BeyondTrust's PowerBroker for Linux solution.

  • Where privilege and vulnerability management fit into today’s threat landscape
  • Which asset and user data points are key to understanding and prioritizing vulnerabilities
  • What steps you can take to interconnect your privilege and vulnerability management processes
Blending Privilege Vulnerability Management in 2014 with 451 Research Senior Analyst, Javvad Malik
Blending Privilege Vulnerability Management in 2014 with 451 Research Senior Analyst, Javvad Malik

Javvad Malik of 451 Research discusses how to quickly discern and prioritize security exposures by aligning your vulnerability management (VM) and privilege management (PM) programs. You’ll learn how asset and user-based exposures are intertwined — and how establishing lines of communication between VM and PM operations delivers an effective gauge of relative risk. Javvad will walk attendees through:

  • Where privilege and vulnerability management fit into today’s threat landscape
  • Which asset and user data points are key to understanding and prioritizing vulnerabilities
  • What steps you can take to interconnect your privilege and vulnerability management processes
Security is Business As Usual: Continuous Vulnerability Management
Securing Windows Servers in 2014: What You Need to Know

Every year we see constant change and evolution in Windows vulnerabilities. As we prepare for 2014, it's a good reminder to note that it's not just the vulnerabilities that evolve but the tools that help harden security for Windows servers, as well. In this 60 minute webcast Darren Mar-Elia, Group Policy MVP and Contributing Editor at Windows IT Pro Magazine, talks about the free Security Compliance Manager tool from Microsoft, when and where it's effective and useful, and the best practices for securing your Windows Servers. BeyondTrust's Senior Director of Product Management, Morey Haber, will then briefly show you how tools from BeyondTrust can verify hardening procedures.

Security is Business As Usual: Continuous Vulnerability Management
Security is Business As Usual: Continuous Vulnerability Management

With PCI-DSS 3.0 and other changes in the industry, vulnerability management is even more critical today. In this webcast, Kevin Johnson, CEO of Secure Ideas, will explore the "Business As Usual" model and how security is the often forgotten part. Kevin will discuss ways to improve your vulnerability management in cost effective AND effective ways. He will explore what this means and how to perform this type of continuous testing without overloading your already busy staff.

Learn About the Risks of Unnecessary Privileges
Learn About the Risks of Unnecessary Privileges

What happens when employees and contractors are indiscriminately given administrative access – or other unnecessary privileges - to your organization’s servers and desktops? Is your organization at risk of unauthorized software installation, malware attacks, and even loss of proprietary data.

First Look at BeyondSaaS: The Easiest SaaS Vulnerability Scan Ever
First Look at BeyondSaaS: The Easiest SaaS Vulnerability Scan Ever

A demonstration of BeyondSaaS, a cloud-based vulnerability assessment solution that gives you an attacker’s-eye view of your IT perimeter. The solution delivers fast, efficient and affordable security assessments of your public-facing network infrastructure and web applications – providing you with in-depth vulnerability data and actionable remediation information. Start a free trial.

The result of over 15 years of development, BeyondSaaS is powered by one of the most effective and respected security tools on the market: BeyondTrust Retina. Key features include:

  • External network scanning of unlimited IP addresses
  • Black-box web application assessment
  • Unlimited user accounts
  • Assessments for PCI DSS and other compliance mandates
  • Clear vulnerability reports, including trending and remediation action items
  • Secure, two-factor authentication via Microsoft Live
  • Encrypted data transmission
  • No software or hardware install
  • No license management
Restricting User Privileges Doesn t Make You a Bad Person...
Restricting User Privileges Doesn t Make You a Bad Person...

IT teams cannot get in the way of business. Yet, they also have a duty to the organization to protect critical information and prevent attacks. It turns out the path of least resistance for many attacks is to target device users and wait for them to make a mistake, thus providing an opening for compromise. A reliable way to reduce attack surface and take the human element (and fallibility) out of the equation is to restrict the access of the employees. By limiting what they can do on their devices, you basically protect them from themselves.

Unfortunately, this can be a controversial method, given that employees want to do what they want and IT cannot get in the way of what these business leaders think is important. Thus, to move this approach forward you'll need to use one part technology (to not totally break the user experience) and one part persuasion to assure business folks they will still get their job done, but more securely.

In this webcast, Securosis analyst Mike Rothman will cover:

  • The kinds of attacks you face, and why traditional detection/prevention is failing.
  • The importance of limiting what unsophisticated users can do on computing devices.
  • How to roll out a least privilege approach without losing your job.
Going Above and Beyond Meeting Your PCI DSS Requirements
Going Above and Beyond Meeting Your PCI DSS Requirements

The latest version of the PCI DSS implements changes to effectively monitor and document how well vulnerability management programs are working within an organization. It is no longer possible to produce a report once a quarter without proof that a regular program is in place and that scanning and mediation activities are truly happening within acceptable time frames.

BeyondTrust has created a solution that goes above and beyond PCI DSS requirements by making it simpler and more efficient to generate applicable PCI reports, SLA's, and scorecards for management of your requirements. Join BeyondTrust's Morey Haber, Senior Director of Program Management, for a special, 30 minute demonstration, followed by live Q&A time of how our solution goes above and beyond meeting your PCI DSS requirements.

Vulnerability Intelligence: Not the Oxymoron You Think It Is...
Vulnerability Intelligence: Not the Oxymoron You Think It Is...

Morey Haber, Senior Director of Product Management at BeyondTrust, provides an overview of how our products can help you solve the problems caused by this interesting two word paradox.

Vulnerability Intelligence: Not the Oxymoron You Think It Is...
Part Three: Asset Identification and Inventory - The Missing Link in Vulnerability Management
Part Three: Asset Identification and Inventory - The Missing Link in Vulnerability Management

Part 3 of a 3 part webcast series with SANS Analyst, Dave Shackleford, on Vulnerability Management. In our last installment of this series, we'll explore:

  • Why developing a system inventory is a critical part of your security program
  • How accurate inventory baselines can be used to develop metrics and reporting
  • How more accurate asset identification can be used to improve audits and vulnerability management overall
Part Three: Asset Identification and Inventory - The Missing Link in Vulnerability Management
Minimizing the Impact of Restricting Admin Privileges for End Users
Minimizing the Impact of Restricting Admin Privileges for End Users

Struggling to migrate from Windows XP before support ends April 2014? Want to follow best practices and compliance requirements to mitigate risk? Is it possible to easily limit user privileges?

The advantages for limiting and eliminating Admin rights include:

  • Reducing exposure to malware or APTs that require Admin privileges to run
  • Implementing the concept of least privilege to limit access to systems, applications, and data
  • Allowing employees to perform their jobs, without impacting IT or end-user productivity
  • Preventing the Help Desk from being flooded with selective elevation of admin privileges temporarily

Join BeyondTrust security experts to learn about how this forced change impacts your operations and what you can do today to minimize that impact.

Minimizing the Impact of Restricting Admin Privileges for End Users
The 5 Keys to Context-Aware Vulnerability Management
The 5 Keys to Context-Aware Vulnerability Management

Retina not only identifies security exposures across your entire IT landscape, but also gives you the insight you need to better understand, mitigate and communicate risk. Check out this video to see what makes Retina the most context-aware vulnerability management solution on the market.

Showcasing Retina Network Security Scanner Unlimited with Marc Maiffret
Showcasing Retina Network Security Scanner Unlimited with Marc Maiffret

BeyondTrust's CTO, Marc Maiffret, takes you through an introduction, demo and Q&A of Retina Network Security Scanner Unlimited. Retina Network Security Scanner is the fastest, most mature vulnerability assessment solution on the market, and is now available for only $1,200 per year. Features available in Retina Network Security Scanner Unlimited include:

  • Unlimited IP scanning
  • Web, database & virtual application scanning
  • PCI DSS scanning and reporting
  • SCADA scanning
  • Regulatory reporting
  • Scheduled scans
  • Web-based tech support
Showcasing Retina Network Security Scanner Unlimited with Marc Maiffret
Part Two: It's All About Risk w/ Dave Shackleford
Part Two: It's All About Risk w/ Dave Shackleford

Part 2 of a 3 part webcast series on Vulnerability Management. In the second part of this webcast series, you'll learn:

  • How to sift through the "noise" of vulnerability scan data and find what's most useful
  • Prioritization strategies and tactics for providing the most useful and relevant data to operations teams
  • How to develop more accurate context for vulnerabilities, and determine the real risks you face
Part Two: It's All About Risk w/ Dave Shackleford
Managing, Troubleshooting, and Recovering Group Policy Objects w/ Derek Melber
Managing, Troubleshooting, and Recovering Group Policy Objects w/ Derek Melber

Group Policy continues to grow as the main tool to secure your Windows environment. However, Group Policy does not come with good management tools to help ensure you have a stable and secure environment. Managing, troubleshooting, and recovering from a Group Policy issue is not easy and certainly not obvious.

In this webcast, Derek Melber, Group Policy MVP, will give you pointers to help you manage, troubleshoot, and recover from Group Policy issues faster and with greater reliability.

Managing, Troubleshooting, and Recovering Group Policy Objects w/ Derek Melber
The Windows Desktop: A Hacker’s Best Friend. It doesn't have to be! with Derek Melber
"The Windows Desktop: A Hacker’s Best Friend. It doesn't have to be!" with Derek Melber

It is all over the news! Employees are attacking their employer in an attempt to get money, notoriety, and revenge. Employees can use their corporate desktop, typically Windows based, to attack the network and gain a foothold into the data that they should not have access to. Closing off all of these attack surfaces requires an integrated approach of security and policy identifying the flaws 'attackers' are looking for and securing them, as well as implementing least privilege where necessary to reduce overall exposure.

In this webcast, join Derek Melber, Microsoft MVP, for an interactive presentation where he'll walk you through relevant use cases which demonstrate an effective approach to getting the best of both worlds of enforcing least privilege through effective policy management, while at the same time, ensuring the proper security and configuration of your Windows desktops.

"The Windows Desktop: A Hacker’s Best Friend. It doesn't have to be!" with Derek Melber
Taking a Hard Look at Your Vulnerability Management Program with Mike Rothman
Taking a Hard Look at Your Vulnerability Management Program w/ Mike Rothman

Many think vulnerability management is a mature and staid technology. Au contraire, as the attackers continue to evolve and innovate their attacks, the definition of a "vulnerability" continuously evolves.

In this webcast, Securosis' Mike Rothman will revisit their "Vulnerability Management Evolution" research and discuss how to take a hard look at your VM environment. He'll also touch on the scenarios where you should consider moving to a new platform.

Taking a Hard Look at Your Vulnerability Management Program w/ Mike Rothman
Leveraging Group Policy to Generate a Security Baseline w/ Derek Melber
Leveraging Group Policy to Generate a Security Baseline w/ Derek Melber

Derek Melber, Microsoft MVP, will walk you through the best practices and options available to help configure and secure your endpoints, as well as giving you real world techniques on how to best manage, create, troubleshoot, and deploy specific Group Policy settings and extensions.

As an MVP, Derek will be able to give you insight into areas of Group Policy that you did not even know existed making sure you walk away with actionable items to try right away!

Leveraging Group Policy to Generate a Security Baseline, Presented by Derek Melber, Microsoft MVP
Active Directory Auditing and Compliance with Microsoft MVP Derek Melber
Active Directory Auditing and Compliance with Microsoft MVP Derek Melber

In this webcast, you'll learn about real-time AD and GPO change monitoring for organizations of all sizes, how to enforce tighter security and audit procedures for your Active Directory environment, and how to decrease privileged identity security risks and protect against attacks and data loss resulting from the intentional or accidental misuse of privileged accounts and systems.

Active Directory: Auditing, Compliance & Recovery, Presented by Derek Melber, Microsoft MVP

Part One: What Do You Need from Vulnerability Management?
Part One: What Do You Need from Vulnerability Management?

BeyondTrust has teamed up with SANS Analyst, Dave Shackleford, for a 3 Part Live Web Event Series. Learn what information tends to be most valuable when running scans and assessing vulnerabilities, which reports that have the most business and technical impact and how to work with business units and operations teams to define a more practical, useful vulnerability management program

Part One: What Do You Need from Vulnerability Management?

New Developments in Active Directory Security and Compliance - Presented by Derek Melber, Microsoft MVP
New Developments in Active Directory Security and Compliance

Couldn't make it to MicroSoft's TechEd or TechEd Europe this year? No problem, we've got you covered. In this recording Derek Melber, Microsoft MVP walks you through all the new and exciting developments in Active Directory security and compliance!

New Developments in Active Directory Security and Compliance, Presented by Derek Melber, Microsoft MVP

What's New in the Retina 4.5 Release
What's New in the Retina 4.5 Release

Retina is the only vulnerability management platform designed from the ground up to provide IT security for professionals with context-aware vulnerability assessment and risk analysis. Watch this webcast and see firsthand the newest features and functionality in Retina 4.5.

Introduction to Retina 4.5 from BeyondTrust

Beyond Traditional Security
Beyond Traditional Security

BeyondTrust provides solutions that are beyond traditional security with a wide assortment of comprehensive IT security software products that can fit businesses of all sizes.

Intersection of IT Security & IT Operations. Technology challenge where BeyondTrust helps builds solutions towards.

BeyondTrust: Cyber Threats
BeyondTrust: Cyber Threats

Enabling threat-aware policy and actionable analytics across best of breed security solutions from Least Privilege to Vulnerability Management.

BeyondTrust solutions protect dynamic IT landscapes from internal and external threats

BeyondTrust Technologies
BeyondTrust Technologies

Leading provider of Vulnerability Management, Privileged Account Management and insider threats across physical, virtual, and cloud environments.

Delivering unmatched Context-Aware Security Intelligence across your entire IT infrastructure.

Retina CS: Installation and Deployment
Retina CS: Installation and Deployment

Retina can be deployed as a standalone scanner, distributed throughout an environment and integrated with Retina CS for enterprise deployments.

Retina CS is simple to set up and deploy, plus, it has an easy-to-navigate dashboard and web-based management console.

Retina CS and Insight
Retina CS and Insight

Retina CS centrally manages risk across the entire infrastructure. Close the gaps across the vulnerability management lifecycle to reduce risk for your organization.

Dramatically reduce risk in physical,virtual,
mobile and cloud environments

PowerBroker Servers
PowerBroker Servers

PowerBroker Servers empower IT with the ability to delegate root tasks and authorization on Linux, UNIX, and Mac OS X without ever disclosing the highly sensitive root password.

Controlling Privileged User Activity Through
Root Task Delegation

PowerBroker for Windows Desktop
PowerBroker for Windows Desktop

PowerBroker Desktops is the fastest and easiest way to secure desktops by removing admin rights without end user disruption by selectively elevating privileges.

PowerBroker Desktops is the fastest and easiest way to secure desktops

PowerBroker Identity Services AD Bridge
PowerBroker Identity Services "AD Bridge"

See how to utilize PowerBroker Identity Services Enterprise for Active Directory authentication, centralized management and audit reporting across heterogeneous non-Windows environments.

Integrate Linux, UNIX, and Mac OS X with Active Directory

PowerBroker Databases
PowerBroker Databases

Address the threat to data security and compliance posed by un-controlled privileged database users.

Secure Data & System Configurations with
PowerBroker Databases

PowerBroker Management Suite
PowerBroker Management Suite

Protection and recovery, real-time auditing, user entitlement with interactive analysis, alerting and reporting for your critical Microsoft technologies.

Minimize deployment costs and administrator training with a single architecture solution

Don Jones
Don Jones, MVP and Senior Partner, Concentrated Technology

Don has more than a decade of professional experience in the IT industry. He's the author of more than 35 IT books, including Windows PowerShell: TFM; VBScript, WMI, and ADSI Unleashed; Managing Windows with VBScript and WMI; and many more.

Least Privilege for Server Administration in Microsoft Environments – A Bright Light at The End of a Long Tunnel

Sander van Vugt
Sander van Vugt, Independent Linux Expert

Sander’s specialty is helping people implement Linux solutions and he does this by writing books (he currently has almost 50 titles in different languages so far), by giving technical training courses and by working as a consultant.

A Modern Approach to Privileged User Management in Enterprise Linux Environments

Andras Cser
Andras Cser, Principal Analyst with Forrester Research

Andras serves Security & Risk professionals. He is a leading expert on privileged account management, access management, user account provisioning, entitlement management, federation, privileged account management, and role design and management.

A Lively Discussion Surrounding Privilege Delegation and the Risks of sudo

Darren Mar-Elia
Darren Mar-Elia, Microsoft Group Policy MVP

Darren Mar-Elia is president and CTO of SDM Software, a Group Policy solutions company. He has over 20 years combined experience in information technology and software development. He was senior director of product engineering at DesktopStandard (acquired by Microsoft), and before that, served as CTO for Windows management solutions at Quest Software.

Architectural Approaches to Least Privilege on the Desktop

Derek Melber
Derek Melber (MCSE, MVP), President and CEO of BrainCore.net

Derek Melber (MCSE, MVP), President and CEO of BrainCore.net Derek Melber, MCSE, MVP, is an independent consultant, speaker, author, and trainer. Derek’s latest book, The Group Policy Resource Kit by Microsoft Press, is his latest best-selling book covering all of the new Group Policy features and settings in Windows Server 2008 and Vista.

Basics for Reducing Security Risk - An Overview

LUA Solutions for Corporate Windows Desktops

Compelling Reasons for Least Privilege
PowerBroker for Windows
PowerBroker for Windows - Advanced Tips, Tricks, and Techniques

Learn and explore advanced functionality with PowerBroker for Windows with our team of Windows Privilege Management experts. Some points that are covered include: how to audit your environment before you deploy policy, troubleshooting problem applications, advanced policy targeting, and much more.

Learn advanced functionality with PowerBroker for Windows

Catbird
Group Policy - Leveraging the Power and Avoiding the Pitfalls with Derek Melber

Learn the "Power and Pitfalls" of Group Policy and how it can help you better secure your organization and keep your users safe. Some points that are covered are: controlling local administrator passwords and group membership, how to map printers and more, using item level targeting to create dynamic desktop management, and much more.

Learn more about the "Power and Pitfalls" of Group Policy

451 Research
451 Research + BeyondTrust

Join this online event, co-hosted by 451 Research and BeyondTrust, to learn from us how you can begin to leverage this information to drive a more dynamic security strategy, as well as to hear Andrew Hay from 451 Research discuss how this data is impacting the enterprise today.

Turning Your Big Security Data into a Big Advantage

eeye
eEye + BeyondTrust

With eEye, vulnerability management is no longer just about scanning. That's just step one! To truly safeguard your organization today, you need unified vulnerability management: find system weaknesses, quickly fix the most important, and defend against future attacks..

eEye Digital Security and BeyondTrust Software, Inc. are the two companies that best understand the current threat landscape - and its impact on your business!

Kaspersky
Kaspersky + BeyondTrust

Join Kaspersky and BeyondTrust for this informative webcast that addresses the top five security challenges facing IT today - and learn how to protect your organization from insider threats.

Prevent Good People From Doing Bad Things - 5 IT Practices that Put Your Organization at Risk

Oracle
Oracle + BeyondTrust

Listen in on Oracle and BeyondTrust and learn how virtualization is enabling the cloud and how to keep your company - and its assets - secure amidst both hidden and blatant dangers.

How to Keep Good People From Doing Bad Things When Building Private Clouds

Symplified
Symplified + BeyondTrust

Listen in on this frank discussion about cloud security as Symplified CTO, Darren Platt, and BeyondTrust EVP of Product Operations, Jim Zierick, share their observations on keeping your company and its assets secure amidst hidden and blatant dangers. We’ll show you how it is indeed possible to achieve a corporate environment free from the worry of intentional, accidental, or indirect misuse of privilege.

Preventing Good People From Doing Bad Things With Your Cloud Security

Windows Privilege Management
An Introduction to Windows Privilege Management

Learn the basics of network security and tools that you should be leveraging to create and enhance protection for your organization. PowerBroker for Windows, a cutting edge program that helps organizations significantly improve their desktop security by making it easy to remove administrator privileges from users without impacting productivity.

Gain insight on the latest tools for Windows Privilege Management

Catbird
Catbird + BeyondTrust

Listen to Catbird and BeyondTrust for this informative on-demand that addresses these new guidelines and gives actionable advice on how to implement the new requirements and stay secure and compliant as you transition to your own virtualized and cloud infrastructure.

Maintaining PCI Compliance in a Cloud & Virtual World

Implementing Continuous Monitoring Across the Physical and Virtual Environment
Implementing Continuous Monitoring Across the Physical and Virtual Environment

In this 60 minute webcast, you will learn how an aerospace and defense company was able to successfully meet multiple security and compliance regulations Retina CS. This organization was challenged with several DoD requirements including security configurations and checks, vulnerability assessment and management, and patching; all of which required constant monitoring and maintenance.

The Most Comprehensive VM Solutions Available

Symplified
Find It And Fix It - Integrated Vulnerability Management And Patching

Join BeyondTrust and Dustin Larsen of SM Energy to learn more on Integrated Vulnerability Management and Patching. Hear how Dustin was able to fully-integrate vulnerability scanning with patch management and much more.

The Most Comprehensive VM Solutions