BeyondTrust Privileged Account and
Vulnerability Management White Papers
Our security experts have compiled a plethora of resources to help you get more value out
of BeyondTrust products and solutions.
Read the results of BeyondTrust's second privileged account management survey, Privilege Gone Wild 2. Even though nearly half of the survey respondents admit they have employees with access rights not necessary to their current role, more than one out of four companies indicated they have no controls in place to manage privileged access.
The idea behind cyberthreat intelligence is to provide the ability to recognize and act upon indicators of attack and compromise scenarios in a timely manner. While bits of information about attacks abound, cyberthreat intelligence (CTI) recognizes indicators of attacks as they progress, in essence putting these pieces together with shared knowledge about attack methods and processes.
Most vulnerability management solutions do little to help security leaders put vulnerability and risk information in the context of business. Saddled with volumes of rigid data and static reports, the security team is left to manually discern real threats and determine how to act upon them. At BeyondTrust, we believe that security professionals deserve more from their vulnerability management solutions.
Read Ovum's SWOT Assessment, an honest and thorough review of BeyondTrust's Privilege Account Management solutions. This paper analyzes the strengths, weaknesses, opportunities, and threats in the PAM space.
Like most IT organizations, your team may periodically face the “dreaded” task of being audited. While the list of specific audit requirements can seemingly go on forever, implementing the four best practices discussed in this white paper will ensure that you pass your privilege management audits 99% of the time.
Application control solutions are designed to block the execution of unauthorized applications. PowerBroker for Windows is the next-generation solution for application control. When integrated with Windows, application privileges are simply controlled with just a few rules.
This document provides an overivew of BeyondTrust's powerful compliance and risk management solutions, with specific details concerning the needs of U.S. government agencies.
Solutions Overview: The Australian Signals Directorate (ASD) Strategies to Mitigate Targeted Cyber Intrusions
The Australian Signals Directorate has developed a list of strategies to mitigate targeted cyber intrusions developed through ASD’s extensive experience in operational cyber security. This document provides an overview of the recommendations revised in 2014 in relation to BeyondTrust’s Privileged Account Management (PAM) and Vulnerability Management (VM) solutions.
Effective as of July 2014, the Monetary Authority of Singapore (MAS) has imposed updated Technology Risk Management (TRM) Guidelines on all financial institutions that have any form of operations in the territory, no matter where in the world they are based. This Bloor solutions paper details how BeyondTrust's product suite can help financial institutions achieve compliance.
Password theft and loose password protocols leave companies vulnerable to insider attacks or to external attacks that leverage insider credentials. Learn how Password Safe can help you mitigate these threats.
The Top 20 Critical Controls are designed to stop the cycle of compromise and privilege escalation before it can begin. BeyondTrust software solutions address several of the Critical Security Controls, namely those designed to mitigate threats to assets and users in IT environments.
This white paper discusses three potential states for vulnerabilities — active, dormant and carrier — and the business ramifications of remediation strategies. The paper also briefly introduces some new technologies in Retina and PowerBroker that address each vulnerability state.
BeyondTrust Addendum to VMware Solution Guide for the Health Insurance Portability and Accountability Act (HIPAA)
Organizations migrating physical server infrastructure to virtual platforms often find that virtual hosts and guests can present new security risks and compliance violations. Without proper security policies and tools, these risks can outweigh the cost reduction and efficiency benefits offered by virtualization strategies. BeyondTrust security solutions enable your organization to adopt best practices for virtual platform security while addressing key mandates outlined by HIPAA.
In June 2013, the Monetary Authority of Singapore created a new set of guidelines for Internet Banking and Technology Risk Management (IBTRM). This addendum mandated certain requirements for Technology Risk Management (TRM) and also contained a set of guidelines (TRM Guidelines) and errata notices (TRM Notices). BeyondTrust supports these four practice areas. This whitepaper discusses BeyondTrust solutions and the sections of MAS TRM Guidelines that are covered with this technology.
BeyondTrust Addendum to VMware Solution Guide for the Payment Card Industry Data Security Standard (PCI DSS)
Organizations migrating physical server infrastructure to virtual platforms often find that virtual hosts and guests can present new security risks and compliance violations. Without proper security policies and tools, these risks can outweigh the cost reduction and efficiency benefits offered by virtualization strategies. BeyondTrust security solutions enable your organization to adopt best practices for virtual platform security while addressing key mandates outlined by the Payment Card Industry Data Security Standard.
Retina CS facilitates both Microsoft and third party patching by integrating with Microsoft Windows Server Update Services (WSUS). Retina CS utilizes WSUS as the patching engine and effectively becomes a management console to WSUS. Familiarity with WSUS is necessary to fully understand the Retina CS integration.
PowerBroker® for Windows provides fine-grained, policy-based privileged delegation capabilities for the Microsoft® Windows environment. The solution allows organizations to remove local admin rights from end users and server administrators without hampering productivity. PowerBroker selectively elevates privileges for applications, software installs, system tasks, scripts, control panel applets, management functions, and other application and system operations. Additionally, PowerBroker for Windows provides Session Monitoring, Risk Compliance, and File Integrity Monitoring capabilities for granular tracking of privileged user activity across Windows’ desktop and server environments.
BeyondTrust has developed patent-pending technology to fuse the risk of vulnerable applications, application control, regulatory compliance, and least privilege into the next generation of endpoint security solutions. This fusion addresses the concerns of whitelisting vulnerable applications and can match application privileges and runtime operations to regulatory compliance requirements based on abstract and industry standard risk concepts.
BeyondTrust joins asset and user information in one platform, allowing IT and Security teams to have one lens through which to view risk. This puts events in context and enables joint decision-making within your IT organization, ensuring daily operations are guided by common goals for reducing risk.
Smartphones and tablets are invading the workplace along with the security risks they bring with them. Every day these devices go unchecked by standard vulnerability management processes, even as malware on phones and tablets continues to increase at rapid rates. Leaving mobile security out of your integrated security strategy opens your network to security breaches, data loss, intellectual property theft, and regulatory compliance issues.
Virtually every organization is being compelled to improve client security. Auditors, regulators and business unit owners all recognize the threat unsecured desktops pose, and understand the need to comply with the myriad of regulatory and governance issues that make today’s headlines.
In BeyondTrust’s latest survey of its customers and prospects, the company learned that cyber threats that don’t make headlines are in fact the ones causing concern for IT security professionals. The survey, which polled 1677 respondents, demonstrated that headline-driving attacks are not what keep IT security professionals or executives up at night. In fact, findings revealed that 55 percent of respondents viewed common malware and spyware as the number-one threat to their organizations.
These seemingly incongruous needs often come to a head on the Windows desktop, which is the main entry point for the user into an enterprise network. In this whitepaper, I’ll examine this age-old struggle and help you understand how you can find the right balance with something I call "Best Privilege."
In this whitepaper, Microsoft Group Policy MVP, Darren Mar-Elia, expertly discusses the capabilities of Group Policy with respect to security configuration, including a number of new features introduced in Windows 7 & Server 2008-R2; how policy gets delivered and the tattooing nature of security settings; the free Microsoft Security Compliance Manager tool and how it can help you define security baselines based on best-practice templates that can be exported to live GPOs; the challenges of using Group Policy as a security compliance solution, including some best practices; and how 3rd parties are leveraging and extending Group Policy as a tool for delivering new Windows security features.
AppLocker, which was introduced in Windows 7, provides powerful technology for controlling application execution for enterprises. By implementing AppLocker policy, organizations can better control what applications can install and run on desktops via White Lists and Black Lists, improving security and reducing the risk that malware poses.
Curious about how least privilege applies to you and your organization? Let Goldie Locks show you in this new eBook written by Microsoft MVP Derek Melber. In the story, Goldie Locks plays the role of a recent college graduate, with degrees in marketing and multimedia communications, who is just starting her position in marketing for a mid-sized IT company.
Linux mastermind Sander van Vugt gives an overview of the current options that are available in the Linux operating system and discusses some features that can cause potential problems in modern enterprise environments.
In this guide, you'll learn how to avoid the top five vulnerability management mistakes to protect critical IT assets and improve your security posture, while reducing costs.
Implementing a vulnerability management process is critical to protecting any business from harmful attacks. This whitepapers examines the importance of vulnerability assessment and the common myths surrounding security protection.
In a world where rapid IT expansion must adapt to the requirements of cloud computing amid the risks of increasingly sophisticated cybercrime, enterprises of all sizes are rethinking their IT security. Gartner has predicted that one of the newest preferred methods of implementing IT security will be through the use of a context-aware methodology. Many security focused companies are currently in the conceptual and design phases of context aware security. BeyondTrust, though, is the only security solution vendor actually providing Context-Aware Security Intelligence today.
This white paper discusses the goals and challenges of creating a privileged access management program for your Windows desktops and servers in an enterprise environment. Privileged access is a key issue these days, especially on desktops, for which an over-privileged user can be a weapon of destruction on your internal network if they inadvertently download and install malware.
The Federal Information Security Management Act of 2002 requires federal agencies to report on the state of their information security. The United States Office of Management and Budget released a reporting tool called CyberScope in 2009 to assist these agencies in meeting FISMA reporting requirements. CyberScope attempts to correct previous deficiencies and streamline the FISMA reporting process. BeyondTrust offers products that allow organizations to comply with these requirements and support directives used to comply with FISMA requirements such as FDCC, SCAP and DIACAP.
This IDC Vendor Profile profiles BeyondTrust, a market leader in the Privileged Account Management (PAM) space. In this Vendor Profile, IDC defines the market drivers for PAM technology and outlines the BeyondTrust approach to solving this issue for both enterprise and government entities.
Compliance efforts and security concerns have driven businesses to make substantial investments in threat control. Too often, however, these efforts pay far too little heed to the risks posed by poorly controlled access to administrative privilege in IT, which can have a hugely disproportionate impact on the business.
Every organization needs to have management tools that allow them seamless control over all aspects of their Active Directory environment. Uptime is extremely important for every organization and every minute that Active Directory is not functioning properly could cause a financial loss. Administrators need tools that can provide them with insight into when Active Directory is changed, objects modified or deleted, so they can take quick and efficient action if the change is in error. PowerBroker Auditor for Active Directory provides this integration of real-time auditing of changes to all Active Directory objects, along with the ability to rollback any changed or deleted object efficiently and with great precision.
This white paper highlights recommended steps to successfully implement automated policy management processes within UNIX/Linux systems using the privileged access lifecycle management framework. Lastly, we will focus on PSMC, the unifying platform solution to centralize policies, reporting and workflow engines, and deliver higher manageability, security and compliance capabilities.
As Windows grew to fill roles in larger networks, both the OS and the server products built upon it did not always evolve to include more granular permission structures for administrators. The result has been an industry that, in general, relies on fully-privileged administrator accounts to accomplish even minor administrative tasks. We know it is a poor practice, but what else can we do?
This paper summarizes the studies of web application scanners and an attempt to quantify their effectiveness done by Larry Suto, Application Security Consultant from San Francisco. This study utilizes a novel methodology developed to objectively test the three leading web application vulnerability assessment tools. So far as the author knows, this is the first publicly published study that statistically evaluates application coverage and vulnerability findings by these tools.
The United States government passed the Federal Information Security Management Act in 2002, which requires federal agencies to provide reports on their information systems. The National Institute of Standards and Technology has published Special Publication 800-53, which further details the requirements that federal agencies must meet regarding their information systems. In this paper, learn how BeyondTrust provides a variety of software solutions that meet these federal requirements. Retina is a platform that provides centralized control over a suite of applications which perform vulnerability management and other functions related to system security.
Compliance with HIPAA is a federal law and violators face up to $250,000 in fines and jail time of up to 10 years. This whitepaper examines how a vulnerability assessment solution, such as the Retina Network Security Scanner, is key to attaining compliance.
This paper discusses different scanning techniques and the benefit of using non-intrusive methods for regular vulnerability assessments and more hostile measures for specific environments.
The popularity of virtual applications has increased exponentially; however, the architecture and deployment of virtual applications are difficult to manage for traditional vulnerability management solutions. This guide examines challenges of scanning and detecting virtual app vulnerabilities and details how Retina ensures virtual apps are part of your standard vulnerability management processes.
Reduce the Cost of PCI DSS Compliance with Unified Vulnerability Management: A Requirement-by-Requirement Guide
In this guide, you'll learn how to cut the cost and time-investment of PCI compliance using powerful new Unified Vulnerability Management capabilities. Get requirement-specific methods to ensure that you meet compliance and keep sensitive information fully protected.
HIPAA regulations require healthcare companies to develop, implement and document the measures they take to ensure that health information remains secure under the Health Insurance Portability and Accountability Act (HIPAA). HIPAA is intended to protect and simplify the exchange of healthcare data nationwide.
In Configuration We Trust offers simple, practical steps to dramatically improve security posture without investing in new technology. This report from the BeyondTrust Research Team offers configuration best practices related to VLANs and IPSec, proxies, disabling WebDAV, as well as insights on why organizations should upgrade their Microsoft software, how to best utilize penetration testing, and more. Download this white paper and receive a free configuration check tool.
The number of mobile and remote workers has exploded over the past few years. So have the security risks they pose and once these vulnerable employees re-connect they pose a growing threat to your corporate network. This solution brief outlines how an endpoint intrusion prevention and scan-on-connect solution can enable you to secure mobile and remote machines, and your corporate network, from today’s most sophisticated and blended threats.
In an enterprise Windows’ desktop environment, whether a company has 100 or 10,000 seats, the challenge of managing access is fraught with difficulty. In a study conducted by BeyondTrust, this report details the results of a survey of 185 IT Administrators and Help Desk Operatives who are collectively responsible for over 250,000 individual Windows’ desktops, in EMEA and North America. This report details their experiences with legacy applications in relation to their ability to effectively elevate access to the networks they manage.
In the 30 years since the inception of "super-user-do" (or sudo) aggressive security, compliance and audit requirements have driven the need for more robust and manageable solutions. This white paper highlights certain situations where sudo has its place in IT. It will also show where it sudoesn't.
Insiders, employees and contractors who have authorized access to confidential data are liable for 70 percent of total data leaks. The importance of data security has evolved several IT product categories, particularly Data Loss Prevention (DLP). This white paper explains DLP, what it means, and reveals the emerging intelligent technologies that go beyond traditional DLP in efficiency and applicability.
The networks of today are much different from the networks of even 10 years ago. Mainly because technology, hardware, and software have become more advanced. Unfortunately, so have viruses, malware, spyware, and end-users. With the influx of successful attacks on corporate networks, not to mention the theft and publication of intellectual property, the need for endpoint security is now at an all time high. What is important to note is that the old school philosophy of protecting the endpoint with a perimeter firewall and written security policy is no longer valid. This white paper discusses the sophistication of strategy and approach that enterprises must take to protect endpoints for a standard corporate network.
Too frequently when businesses think about the dangers presented by hackers, they think exclusively about intrusion. The notion that a hacker will go in and steal data vital business data, or customer information can keep executives and IT managers alike tossing in their sleep. Businesses spend far less time focusing on the increasing problem that hackers might attack their customers through their website. This type of attack is known as cross-site scripting. Sites that are vulnerable to cross-site scripting are not PCI compliant.
This paper focuses on the accuracy and time needed to run, review and supplement the results of the web application scanners and is a follow-on study to a October 2007 study, "Analyzing the Effectiveness and Coverage of Web Application Security Scanners."