Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

The BeyondTrust Blog

  • Blog
  • Archive

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

3 Powerful Strategies for CISOs to Boost their Organizational Influence

February 22, 2021

​In recent years, the CISO role has rapidly been propelled to prominence amongst the C-suite, underpinned by relentless cyber-incursions, intense regulatory security, and the undeniable correlation between cyber-resilience and long-term business and stock performance. Unfortunately, this rapid shift also continues to expose the soft underbelly of most cyber executives, whose technical competences are ill-suited to drive complex change, overcome deeply entrenched cultural inertia, and navigate powerful political establishments.

Read this post

What Is Least Privilege & Why Do You Need It?

February 19, 2021

Least privilege is the concept and practice of restricting access rights for users, accounts, and computing processes to only those resources absolutely required to perform routine, legitimate activities. Privilege itself refers to the authorization to bypass certain security restraints. When applied to people, least privilege access, sometimes called the principle of least privilege (POLP), means enforcing the minimal level of user rights, or lowest clearance level, that allows the user to perform his/her role. However, least privilege also applies to processes, applications, systems, and devices (such as IoT), in that each should have only those permissions required to perform an authorized activity.

Read this post

Security Advisory: Privilege Management for Unix & Linux (PMUL) Basic and Privilege Management for Mac (PMM) Affected by Sudo Vulnerability

February 18, 2021

​On January 26, 2021, the Qualys research team disclosed a heap overflow vulnerability (CVE-2021-3156) within sudo that allows any unprivileged user to gain root privileges on Linux without requiring a password. BeyondTrust PBsudo/Privilege Management for Unix & Linux Basic is affected by this CVE. Apple also acknowledged and released updates to macOS for this CVE on Feb 10, 2021. Based on macOS releases, we confirmed that Privilege Management for Mac (PMM) is also impacted by this CVE.

Read this post

Are your Remote Access Tools FIPS 140-2 Validated? Here’s Why it Matters

February 16, 2021

​The Federal Information Processing Standard (FIPS) 140-2 is an important IT security benchmark and U.S. government standard issued by the National Institute of Standards and Technology (NIST). FIPS 140-2 validation is required for the sale of products with cryptography modules to the federal government. BeyondTrust’s Secure Remote Access solution, comprised of our Remote Support and Privileged Remote Access products, has been awarded a Level 1 Federal Information Processing Standards Publication (FIPS) 140-2 validation for our Remote Support and Privileged Remote Access B300 appliance (physical or virtual). BeyondTrust has the only Secure Remote Access solution that meet the rigorous requirements of FIPS 140-2 Level 1.

Read this post

Aligning Credential & Identity-Based Risk Management with Government Mandates

February 12, 2021

​Over the last year, the surge in government workers remotely logging on to agency networks has been shadowed by concerns about how well agencies are able to strictly control and audit this access. In other words, ensuring the right user has the proper credentials to access the right data, and only at the right time, and for the right purpose. But even before the COVID-19 outbreak sent hundreds of thousands of government employees and contractors scrambling into an extended teleworking experiment, the federal government has been focusing on modernizing and strengthening its Identity, Credential, and Access Management (ICAM) policies.

Read this post

Cyber Attack on Water Treatment Plant a Wake-Up Call to Harden Remote Access Security

February 10, 2021

​Last Friday, a cyber threat actor audaciously cracked into the systems of a Florida water treatment plant leveraging the TeamViewer remote access tool, and ordered the system to increase the amount of lye in the water to extremely dangerous levels. This should serve as a blunt reminder and wake-up call that using consumer-grade remote access tools in both Operational Technology (OT) and Information Technology (IT) environments can introduce risk.

Read this post

Privilege Management for Windows & Mac 21.1 Introduces Web Policy Editor, Azure AD Support, macOS M1 and Yubikey Support

February 9, 2021

Learn about the latest features and benefits of Privilege Management for Windows & Mac 21.1.

Read this post

A Cybersecurity Wellness Check for the Healthcare Industry

February 5, 2021

​2020 was a challenging year for almost everyone due to the global pandemic. The healthcare sector, in particular, faced many unique and daunting challenges. Healthcare organizations were under enormous pressure handling large and, sometimes, overwhelming numbers of patients. To attack a sector desperately trying to keep people alive seems particularly craven, yet that is exactly what cybercriminals did; targeting overwhelmed and stressed health systems and supply chains for financial gain.

Read this post

iOS Screen Sharing - How to Screen Share iPad/iPhone with Remote Support from BeyondTrust

February 2, 2021

BeyondTrust offers the most secure control for Apple devices. This blog post applies to screen sharing support for iOS devices running iOS versions 12 -14.

Read this post

Understanding Sudo Vulnerability CVE-2021-3156 and How Privilege Management for Unix & Linux Can Protect Your Enterprise

January 28, 2021

​The Qualys research team has discovered a heap overflow vulnerability, CVE-2021-3156, in sudo that allows any unprivileged user to gain root privileges on Linux without requiring a password. Even a user “nobody” can get root access to a Linux server without a password.

Read this post

DevSecOps, Containers, & Unified Secrets Management

January 26, 2021

​DevOps secrets and sensitive data are a given in the development world. You can’t write a secure app without taking into account how to validate passwords, prevent unauthorized access, retrieve cryptographic keys, and access API tokens. DevOps has streamlined release cycles, which helps development efficiency, but can sometimes undermine security as lack of standardization and/or expertise around secrets management results in unprotected API access tokens, credentials embedded in source code, cryptographic keys stored insecurely on the filesystem, or other sensitive values stored in configuration files.

Read this post

Privilege Management for Unix & Linux Continues Rapid Growth by Securing Cloud Infrastructure

January 21, 2021

​BeyondTrust is excited to announce record growth of its Privilege Management for Unix / Linux solution in Q4 2020 due to a growing commitment from larger, cloud-focused enterprises to protect their core and digital infrastructure.

Read this post

Blog Archive

  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013
  • 2012
  • 2011
  • 2010
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.