Cybersecurity Insurance Checklist - Meet Insurance Requirements with BeyondTrust PAM Download for Free

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

How to Address Continuous Diagnostics and Mitigation (CDM) Program Requirements

January 17, 2016

  • Blog
  • Archive

CDM Program

There’s an endless cycle to monitoring and protecting your IT environment. It’s no longer good enough to check systems at a designated time, update patches, and then carry on. Today’s threat actors are motivated, seemingly working 24/7 to find and exploit vulnerabilities and to make a public example of agencies that aren’t on their toes.

To address these threats, the U.S. Federal government has taken several steps to shore up its cybersecurity policies and processes. The Continuous Diagnostics and Mitigation (CDM) Program enables the Department of Homeland Security (DHS), along with Federal Agencies, state, local, regional, and tribal governments, to enhance and further automate their existing continuous network monitoring capabilities, correlate and analyze critical security-related information, and enhance risk-based decision making at the Agency and Federal enterprise level.

Phase 1, which went into effect in 2013, focused on endpoint integrity. Phase 2, which took effect in 2014, focuses on least privilege and infrastructure integrity. The four main categories or steps in Phase 2 are:

  • Access control management
  • Security-related behavior management
  • Credentials and authentication management
  • Privileges
CDM PHASE BEYONDTRUST SOLUTION

Phase 1 – Endpoint Integrity

HWAM – Hardware Asset Management SWAM – Software Asset Management CSM – Configuration Settings Management VUL – Vulnerability Management Retina CS Enterprise Vulnerability Management

Phase 2 – Least Privilege and Infrastructure Integrity

TRUST – Access Control Management (Trust in People Granted Access) PowerBroker Privileged Access Management Retina CS Enterprise Vulnerability Management
BEHV – Security-Related Behavior Management BeyondInsight Clarity
CRED – Credentials and Authentication Management PowerBroker Password Safe
PRIV – Privileges PowerBroker for Windows PowerBroker for Mac PowerBroker for Unix & Linux

To help you address your CDM Phase 2 requirements, we’ve created a summary of the functional areas and how BeyondTrust solutions can help.

(TRUST) Access Control Management (Trust in People Granted Access)

The Manage Trust in People Granted Access capability informs the Manage Account Access capability by providing background information and potential risk, or compromise, factors. These factors are used to determine if someone should be granted access.

BeyondTrust solutions can integrate with identity and access management solutions to provide a powerful best-of-breed solution that will:

  • Increase visibility into user, application and asset interaction with behavioral analytics to track potential malicious activity from insider and external threats
  • Enhance efficiency around regulatory compliance reporting by providing insight into identity activities and account utilization
  • Provide visibility into provisioning applications to minimize risk and potential breaches

(BEHV) Security-Related Behavior Management

The security-related behavior management functional area addresses the behavior of someone who has been granted access to IT devices and systems. Information from this capability feeds into the Manage Trust in People Granted Access capability where determinations will be made about someone’s suitability for continued access based, in part, on their behavior.

BeyondInsight Clarity enables IT and security professionals to identify the data breach threats typically missed by other security analytics solutions. A standard capability of the BeyondInsight IT Risk Management Console, Clarity pinpoints specific, high-risk users and assets by correlating low-level privilege, vulnerability and threat data from a variety of BeyondTrust and third-party solutions.

(CRED) Credentials and Authentication Management

The MCA capability ensures that account credentials are assigned to, and used by, authorized people.

PowerBroker Password Safe automates password and privileged session management, providing secure access control, auditing, alerting, and recording for any privileged account. By improving the accountability and control over privileged access, IT organizations can reduce security risks and achieve compliance objectives.

(PRIV) Privileges

Prevent access beyond what is needed to meet business mission by limiting account access and eliminating unneeded accounts to prevent attackers from gaining unauthorized access to sensitive data.

PowerBroker for Windows, PowerBroker for Mac and PowerBroker for Unix & Linux reduce the risk of privilege misuse on physical and virtual Microsoft Windows desktops and servers, Mac desktops, and Unix and Linux servers. By eliminating administrator privileges, delegating access, simplifying the enforcement of least privilege policies, maintaining application access control, and logging privileged activities, IT closes security gaps, improves operational efficiency, and achieves compliance objectives faster.

For more information on the CDM program requirements and how BeyondTrust solutions address the categories, please download our white paper ‘Addressing Continuous Diagnostics and Mitigation Program Requirements’. Or, contact us today to schedule a strategy session.

Photograph of Sandi Green

Sandi Green, Product Marketing Manager, BeyondTrust

Sandi Green is the Product Marketing Manager for PowerBroker Password Safe, PowerBroker for Windows, and PowerBroker Mac at BeyondTrust. She has over 20 years of sales and solutions marketing experience with technology companies that served a variety of industries ranging from life sciences, human capital management, consumer packaged goods and most recently IT security. When she’s not following the latest trends in Cybersecurity, she’s busy following college football and basketball. Follow her on Twitter at @SandiGreen3.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Microsoft Vulnerabilities Report 2021

Whitepapers

Privileged Access Management: PAM Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.