It does not stop the execution, but alerts them much like an antivirus solution and, more importantly, helps track when processes fail for patch management. All the user needs to do is click “OK” to continue.
This approach enables Secure Computing by proactively alerting the end user, the help desk, and the operations team to applications being executed out of compliance. In addition, it allows for application-based vulnerability assessment and can meet continuous vulnerability assessment requirements as users execute applications.
Two additional practices that organizations are striving for (with little success) are using passive scanning technology and deploying complex multi-vendor integrations. These allow for application-based vulnerabilities to be detected as they are communicating across the network. However, they don’t assist with local applications or applications that transmit encrypted communications. PowerBroker for Windows makes this simple. For instance, here’s a PowerBroker rule for PCI compliance concerning critical vulnerabilities over 90 days old (without the need for span ports):
Secure Computing does not have to be the responsibility of the security or operations teams alone. PowerBroker for Windows takes a proactive approach and empowers the end user to notify teams when their applications are not meeting standards.
> Blog: Greylisting Applications with PowerBroker for Windows Risk Compliance
> Blog: Introducing Vulnerability-Based Application Management
> Learn more about PowerBroker for Windows
Morey J. Haber, Chief Technology Officer and Chief Information Security Officer at BeyondTrust
Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.