How PowerBroker for Windows Can Help Prevent Hacks

August 9, 2018

No one wants to get hacked. Having your workstation owned or your organization breached is costly and demoralizing. Since the first viruses, security companies have been developing tools to prevent systems from being compromised and to keep malware from performing malicious activities on behalf of a threat actor. The truth is simple, however: no single solution can protect an asset from being hacked, and the old defense-in-depth, layered model truly is the best approach to a successful defense. This includes everything from local endpoint protection solutions to vulnerability and patch management.

This year, Gartner has stated that the #1 strategic initiative for all organizations should be Privileged Access Management (PAM). The scope includes enterprise password management and session recording, as well as the removal and management of privileged accounts on all endpoints, from servers to workstations and network devices. On Microsoft Windows servers and desktops, this commonly takes the form of Least Privileged Management. This includes removing all unnecessary administrative accounts, managing local administrator accounts and services, and removing administrative rights from all users, including the suspension of all the secondary "xadmin" accounts. This security strategy, as recommended by Gartner, provides a strategically solid security layer to prevent assets from being hacked.

Using PowerBroker for Windows, environments can add this defense-in-depth layer, meet Gartner's recommendations, and prevent hacks that typically evade endpoint, vulnerability, and patch management solutions. These hacks are commonly referred to as Privileged Attack Vectors.

So how does PowerBroker for Windows prevent you from getting hacked?

  • Allows applications to run with administrative rights, not user rights. This patented token swapping technology runs applications with unique security tokens, prompts for optional justification, and keeps the user at lower privileges, allowing applications to interact with the operating system and environment without the risk of excessive user administrator privileges.
  • Thwarts hacking tools that scrape memory for passwords, like Mimikatz. Any hashes scraped from memory are valid only for that application and specific session, and cannot be copied for authentication attacks used in lateral movement.
  • Contains patented technology called Vulnerability-Based Application Management (VBAM) that can measure the risk of an application before deciding on privileges and runtime. Based on CVE score, age, and regulatory compliance requirements, applications can have privileges stripped or even blocked to prevent a hacking attempt against a vulnerable application.
  • Can protect the file system from unauthorized changes by the user using a dedicated file integrity module.
  • Provides advanced tamper protection to ensure that the solution itself cannot be disabled, user accounts cannot be added, and the solution cannot be misused by a threat actor to elevate unauthorized applications.
  • Integrating PowerBroker for Windows with PowerBroker Password Safe allows for the automatic management of all local privileged accounts, including service accounts, to ensure passwords are unique and do not become stale.

While no single technology can prevent all hacks, having a layered defensive strategy is vital. Modern threats prey on social engineering, weak credentials, password reuse, and vulnerabilities that simply have not been patched. Minimizing these risks requires us to understand that most malware needs administrative rights to infect a system, that vulnerable applications can be compromised more readily if hacked with administrative rights, and that end users do not need administrative rights to perform their daily job functions. PowerBroker for Windows can help prevent your resources from being hacked and implement security best practices for PAM. It is time to embrace PAM, prevent hacks, and listen to the recommendations from the security community and leading analysts.

For more information on how PowerBroker for Windows can address your organization’s challenges, download our latest white paper, The CISO’s Guide to Managing Risk for Privileged Access & Credentials in Windows Environments.

Morey J. Haber

Chief Technology Officer and Chief Information Security Officer at BeyondTrust

Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
