Again, the user’s privileges never change and the modified application runs with the new security token, which can be customised to any level required for the application to correctly function:
As a result, the user never has a hash that malware or a hacker can leverage against another resource with elevated permissions. In addition, the privileges granted to the application could either be executed as a full administrator or customised to only allow the privileges or process required for the task to execute. For example, the application can be granted full administrative privileges but denied access to shut down the system.
The fact remains that, in most organisations, too many users have excessive privileges. Hacking techniques like Pass-The-Hash have been successfully used to maliciously compromise entire infrastructures. Simply removing privileges can cripple business productivity, since critical applications and tasks can no longer function correctly as a standard user. A tool or technique is needed to bridge that gap, and PowerBroker for Windows is that solution.
PowerBroker for Windows preserves the privileges granted to the user and only modifies the application’s runtime security token to meet the needs of the application (on a per application basis). With over 250 rules in PowerBroker’s sample rules library, you do not need to start from scratch to make this change a reality. Our best practices guide, professional services team, and years of experience in privileged account management can help make hacking techniques like this a moot point for your business.
Morey J. Haber, Chief Security Officer, BeyondTrust
Morey J. Haber is the Chief Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four books: Privileged Attack Vectors, Asset Attack Vectors, Identity Attack Vectors, and Cloud Attack Vectors. He is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud based solutions and regularly consults for global periodicals and media. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition where he served as a Product Owner and Solutions Engineer since 2004. Prior to eEye, he was Beta Development Manager for Computer Associates, Inc. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
