What is an Open Port & What are the Security Implications?
Learn an overview of ports, how they are used, some important risks to be aware of, and how to mitigate port-related cybersecurity risks across your environment.
5 Use Cases for Reducing Unix & Linux Attack Surfaces and Achieving Compliance
Where do you start with Unix/Linux privilege management? How do you know what to tackle first? BeyondTrust’s 30+ years in pioneering the Unix/Linux least privilege market tells us you can reduce Unix/Linux attack surfaces and improve compliance by doing five basic things really well.
What is IT Support? Your Technical Support Tools and Service Desk Explained
This blog will discuss the different types of IT support, the challenges a strong technical support team can help your organization address, and the technical support tools and technologies that can help your IT support mitigate risk and elevate efficiency in today’s challenging and increasingly perimeterless environment.
Zero Trust and Passwordless Authentication
The passwordless model has quite a few substantial security benefits – if you put the pieces together correctly. But, does does zero trust mean zero passwords?
Identity Access & Security Best Practices Highlighted at Identity Management Day 2022
Read on to learn more about this year’s Identity Management Day, along with some of the supplemental best practices that were shared during the event.
Applying Access Control Lists in the Cloud
An Access Control List (ACL) provides a security mechanism to define who or what has access to your assets, buckets, network, storage, file, etc. Read on to learn how to use ACLs in the cloud to apply the principle of least privilege and segmentation.
The Axeda Vulnerability and Lessons Learned
In March, a vulnerability that impacts Parametric Technology Corporation’s (PTC) Axeda agent and Axeda Desktop Server was announced. The Cybersecurity and Infrastructure Security Agency (CISA) issued advisory ICSA-22-068-01 stating that the vulnerability is exploitable remotely with a low attack complexity… a particularly bad combination. This event serves as an apt moment to reflect on the underlying security deficiencies and what we can learn from them.
What is Vendor Privileged Access Management (VPAM)?
This blog will explore vendor access risks, the building blocks of VPAM, why VPAM is more than the some of its parts, core VPAM capabilities, and what a holistic vendor privileged access management solution should look like.
How to Prepare for 2022 Cyber Insurance Renewals and What to Expect
Cyber insurance premiums in 2021 continued to climb to record highs, spurned by a significant spike in successful cyberattacks. According to the Council of Insurance Agents & Brokers, the average premium for cyber insurance coverage increased 27.6% during Q3 2021, which was on top of an increase of 25% in the previous quarter.
Celebrating International Women’s Day and Women’s History Month at BeyondTrust!
In celebration of International Women’s Day and Women’s History Month, the Women and Allies BeyondTrust Employee Resource Group (BTRG) hosted a robust slate of events to highlight and celebrate the incredible women of BeyondTrust.
Export Implications of the Conflict in Ukraine
Russia’s invasion of Ukraine has spurred several new regulatory actions on the global trade front. Governments, including the United States and the United Kingdom, have imposed new sanctions programs and tightened export restrictions against individuals, companies, and organizations with ties to Russia and Belarus. Learn what BeyondTrust is doing.
Lapsus$ Breaches Remind us Service Desks & Insiders often Weakest Link
Last week was a busy one for the criminal hacking group Lapsus$, also known as DEV-0537. On Monday, Lapsus$ announced that it had a “super user” administrative account for identity as a service (IDaaS provider) Okta, via a third-party support engineer. On Thursday, seven purported members of Lapsus$--ages 16 to 21—were apprehended by City of London Police. Read on for more BeyondTrust Labs insight on the Lapsus$ group, their modus operandi, and security practices you should implement to stay protected from Lapsus$-like attacks.