From Privileged Access Management to Protecting Paths to Privilege™: BeyondTrust's Evolution in Cybersecurity

Today’s threat actors are more sophisticated than ever, leveraging advanced technologies to uncover and exploit complex, unknown pathways through cybersecurity defenses to access privileges (which include identities, entitlements, and permissions). Today’s defenders need to take a proactive, innovative approach to security—one that goes beyond traditional methods—to anticipate the tactics of modern adversaries. Simply defending known privileges is no longer sufficient.

Thinking like an attacker requires a shift in the traditional defender mindset. As John Lambert, a distinguished engineer at Microsoft, coined: “Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.” Cyberthreats are no longer linear, but are more like intricate webs, where every connection can potentially be a pathway to critical assets. Defenders must think in graphs rather than lists, mapping out these pathways to effectively identify and mitigate risks, and recognizing that not all privileges look like traditional privileges.

BeyondTrust’s vision and mission are rooted in this philosophy. We fight every day on behalf of our customers to address the complex, dynamic nature of modern cyberthreats. We are evolving with the needs of the market to move beyond focusing on just managing privileged access to a more comprehensive approach—protecting Paths to Privilege™.

In this Q&A with CEO Janine Seebeck, we delve into the driving factors behind BeyondTrust’s evolving approach to identity security—and its innovative solutions—to empower customers to rapidly identify and secure not just the known privileges, but also the hidden pathways that threat actors might exploit.

Setting New Standards in Cybersecurity: A Q&A with CEO Janine Seebeck

Link copied

Q1: Why does BeyondTrust feel now is the right time to evolve its corporate messaging?

Janine Seebeck: It enables us to better communicate our approach to solving our customers’ real-world problems by showcasing our expertise, unique strengths, and innovative capabilities in advanced identity security. Instead of fitting into a pre-defined market, we are now carving out our own space that reflects the new standards we’re setting in cybersecurity. We are harnessing our many years of exceptional skills in managing privileges and access and focusing our expertise on a critical and often overlooked problem in the cybersecurity space—the paths to privilege escalation.

The refresh is also about being louder about how we solve real-world problems for our customers. With so many market players, it can be challenging to cut through the noise. We've often been called the best-kept secret in cybersecurity, and we want to change that. We want people to see BeyondTrust’s name, know we’re going to help solve their toughest challenges, and know why our identity-centric, customer-focused approach is vital. This evolution is like a coming-of-age—if you didn't know us before, you certainly will now.

Q2: Can you speak to BeyondTrust’s evolution from managing privileges to defending Paths to Privilege?

Janine Seebeck: This evolution is grounded in our deep understanding of modern threats and the ever-changing cybersecurity landscape. Identifying and defending the Paths to Privilege has become a crucial part of our core mission to solve real problems for our customers.

Privileges (Identities, permissions, and entitlements) are at the heart of almost every cyberattack today, but providing holistic security is no longer just about securing and managing known privileges—it's also about identifying and securing the unknown paths that lead to elevated access. Threat actors are continuously finding new ways to bypass traditional defenses, often exploiting overlooked or hidden pathways. To stay ahead of these evolving threats, we must think like attackers and anticipate their strategies.

Our evolution reflects a commitment to a more holistic and proactive approach to cybersecurity, but it isn’t a complete divergence from what we’ve already been doing. Our deep expertise in Privileged Access Management (PAM) and Identity Security uniquely positions us to tackle these complex challenges. On top of our decades of experience, we've developed advanced management tools that uncover connections and control plane data others can't see, providing a level of visibility and control that is essential in today's threat landscape. Our Identity Security Insights® tool, combined with our recent acquisition of Entitle, enhances our ability to provide a cohesive orchestration layer. This enables us to offer a holistic security solution that integrates seamlessly with our customers' existing systems, providing unparalleled protection.

By focusing on finding and protecting privilege pathways, we are not just reacting to known threats, but are also actively seeking out and mitigating potential identity vulnerabilities before they can be exploited. This comprehensive approach ensures our customers are better protected and more resilient against a wide range of cyber threats. It’s about being proactive, not just reactive, and ensuring our defenses evolve in tandem with the threats we face.

This shift from managing privileges to defending Paths to Privilege underscores our dedication to providing innovative, effective solutions that address the real-world challenges our customers face every day. We are committed to redefining what it means to be secure in today's digital world, and this evolution is a key part of that commitment.

Q3: Can you provide some examples of Paths to Privilege?

Janine Seebeck: When we talk about Paths to Privilege, we’re referring to exposure points in your organization—the pathways threat actors can take to penetrate your environment and make their way to the critical assets, secrets, or privileged accounts. Paths to Privilege are everywhere, and some are going to be known and protected in your environment, while others are going to be unknown and thus vulnerable to threats (because you can’t protect what you can’t see).

Attackers win by looking for the privilege pathways that have been missed. These often include:

• Vulnerable human & non-human accounts – An attacker might use compromised credentials, session hijacking, phishing exploits, or kerberoasting to capture credentials or directly authenticate as a compromised account, and exploit the privileges that account holds.
• Exposed secrets (passwords, API keys, certificates) – An attacker may gain a low privilege foothold in a network and then search the environment for secrets that can open up new privilege pathways.
• Identity infrastructure - Misconfigurations of identity infrastructure can provide an attacker with additional privilege pathways. For example, common misconfigurations in Active Directory Certificate Services can provide a path for any valid domain user to authenticate as a domain administrator.
• Remote access – Unsecure remote access solutions, such as VPNs and RDP, can open up access to an entire network when all the user needed was access to one endpoint.
• Excessive privileges – Human or machine users with excess privileges, permissions, or entitlements remain a persistent risk. Sometimes, these privileges could be deeply nested and difficult to find. The more privileges a user, account, or process amasses, the more pathways an attacker can exploit.

Our focus now includes continuously making the unknown known and addressing these paths. This proactive approach ensures our customers are protected against emerging threats that other security measures might miss.

Q4: Why do Paths to Privilege need to be a part of how security teams are thinking about their security implementations and infrastructures?

Janine Seebeck: It's crucial for security teams to understand how far-reaching the effects of an attack can be, and to implement measures that can contain and minimize this impact (by removing, hardening, and monitoring privilege pathways).

Without being able to visualize the potential impact of a security incident—what we refer to as the “blast radius”, organizations can easily miss the privilege pathways that could be leveraged by the attacker for lateral movement. Understanding and addressing the blast radius can help organizations prevent a single vulnerability from causing widespread damage. It can also help security teams prioritize, target responses, and remediate incidents faster in the event an incident should take place.

A lot of organizations lack this level of context and are unable to quantify the impact of an identity compromise. These are the types of challenges BeyondTrust’s technology was built to solve.

Q5: Can you provide an example of BeyondTrust’s defender-centric customer approach in action?

Janine Seebeck: A notable example is our response to the Okta Support Unit breach that took place in October of 2023. During the breach, our own instance of Identity Security Insights (along with tailored detections from our security teams) immediately detected the identity-based attack on one of our in-house Okta administrator accounts. In addition to protecting our own systems and ensuring our customers were safe, our security teams began reaching out to Okta to alert them to the suspected breach. Over the course of their investigation, we were able to share valuable details of our own detections and investigation, including an IP address that we had been able to link to the threat actor. It was through that IP address that Okta was able to identify what files were accessed.

This incident underscores our defender-centric customer approach, where we are committed to not just protecting our own assets, but also contributing to the broader security community. By leveraging our advanced tools and proactive security measures, we were able to mitigate the threat swiftly and help inform broader defensive strategies against such sophisticated attacks​.

While I am very proud of the impact BeyondTrust’s products and security teams had on that specific attack, I am even more proud to say that we’ve been able to make a difference with our customers as they fight against these types of threats. A good example is Town of Truckee, who experienced a security breach and subsequent ransomware attack in the height of COVID-19 that halted all operations. Town of Truckee was able to rebuild from the ground up, and they used BeyondTrust Privileged Remote Access to address what their Chief Information Security & Technical Officer, Chris Hardy, highlighted as a critical concern: securing attack pathways and locking down third-party access.

“There are so many vendors who want to be a master of all, and the most successful ones—to us—are the ones that really take the time to learn who their product is serving and what it is they want their product to do, and then just focus on those things and do it really, really, really well. And, to us, BeyondTrust was that.” –Chris Hardy, Chief Information Security & Technology Officer

Q6: How does BeyondTrust partner with its community to help evolve the cybersecurity industry?

Janine Seebeck: Our first priority is always going to be to help solve the problem for the customer, and it takes a village to solve cybersecurity problems and stop an attacker. We are in this fight together, and we can’t win if we don’t collaborate with our peers and our customers.

This is why we are actively working with our channel partners and integrating with various software solutions to create a robust global partner ecosystem. The BeyondTrust PartnerTrust ecosystem is crucial for providing comprehensive protection and enabling customers to supercharge their current investments. By forming strong alliances with technology partners, resellers, and service providers, we ensure that our customers have access to a wide range of integrated solutions to enhance their security posture. This collaborative approach allows us to offer a unified defense against modern threats, combining the strengths of different technologies and expertise to deliver holistic and effective cybersecurity solutions.

Another of our key initiatives is the Go Beyond program, which includes events in different regions. During these events, we work directly with customers and partners, learning about the specific issues they face and providing tailored advice on how to defend against evolving cyber threats. This hands-on approach not only helps us gather valuable feedback, but also allows us to educate our audience about the latest cybersecurity strategies and technologies. By engaging with our community through Go Beyond, we reinforce our commitment to being a proactive and trusted partner in their security journey.

Q7: What excites you the most about the next evolution of BeyondTrust’s brand story and what this means for the company’s future?

Janine Seebeck: What excites me most is the power of the BeyondTrust Platform coming to the forefront. Our refreshed market message highlights how interconnected and holistic our solutions are, offering holistic visibility, intelligent protection, and simplified management across an organization’s identity estate. By leveraging AI and other advanced technologies, we can enhance our customers' security postures and continue to increase awareness of BeyondTrust as a leader in the cybersecurity industry.

Q8: Are there any final thoughts you would like to share as BeyondTrust embarks on this next chapter?

Janine Seebeck: I'm thrilled by the momentum we're seeing in the market and the opportunities our evolved corporate messaging presents. It allows us to better educate current and potential customers about the modern identity threat landscape and how to protect their Paths to Privilege. BeyondTrust is uniquely positioned to help, and I'm confident that our refreshed brand story will help us make an even greater impact.

Ready to Learn More?

Link copied

Are you ready to start uncovering the potential escalation paths in your environment? Access a complimentary identity security assessment today. For more information about protecting your Paths to Privilege, click here.