Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Avecto Reduces Risk of Dangerous Coding Errors and Enables Least Privilege

April 23, 2014

  • Blog
  • Archive

Avecto Ltd, the leader in Windows privilege management for corporate desktops, today announced its support for a recent publication by CWE/SANS on the 25 most dangerous programming errors and how to fix them. "The top 25 list educates developers on the common coding errors that lead to serious software vulnerabilities, which should be eradicated from software before it is shipped to customers" said Mark Austin, CTO at Avecto.

The challenge for many organizations is that many of the applications that contain these coding errors are critical to the business, but are no longer being maintained by the vendor. Some of the errors in the list relate to organizational behavior and policy; for example, 'CWE-250: Execution with Unnecessary Privileges', which can result in an all too common scenario, where an application will only function correctly under an admin account.

"Legacy or badly written applications often require elevated privileges, resulting in organizations giving their users a privileged account in order to run these applications. Implementing Avecto Privilege Guard enables organizations to elevate the privileges of a problem application, while allowing users to log on to their computers under standard user accounts" said Austin. "Although this should not be seen as a substitute for coding an application to use the correct privileges in the first place, it significantly reduces an organization's exposure to running their users under privileged accounts, where re-coding a legacy application is simply not a viable option".

Even when an application requires a privileged account for a legitimate purpose, Privilege Guard can be used to assign these privileges to the application and not the user. This ensures that a user or application cannot inadvertently abuse a privileged account, as privileges will only be assigned to the applications that require them, and are governed by policy settings defined by the IT department.

For a list of all 25 errors, please visit http://cwe.mitre.org/top25/#CWE-250

Kevin Franks, Marketing Communications Manager

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

A Zero Trust Approach to Secure Access

Webcasts

Rising CISOs: Ransomware, Cyber Extortion, Cloud Compromise, oh my!

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.