Regardless of the tactics used, most breaches often begin with an attacker exploiting a single external vulnerability on a low-level system. Once inside, adversaries troll around your network, inconspicuously, as employees or contractors – capitalizing on privileges to gain access to critical systems and sensitive information.
Such was the case with Adobe’s well publicized breach, when a path from the Internet to a Cold Fusion server was opened without the company’s knowledge. Unfortunately for Adobe, that server had a low-priority vulnerability that was exploited and, well, you know the rest.
Organizations need a way to unify their vulnerability and privilege risk intelligence, so that IT and Security Ops can make least privilege and security decisions based on their collective information, working together, and not have to settle for using fragmented pieces or parts.
At BeyondTrust we’ve knocked down the walls that once isolated vulnerability and privilege data. Powered by the BeyondInsight risk analytics platform, Retina vulnerability management (VM) and PowerBroker privileged access management (PAM) share information about assets, users and their associated applications - giving you insights into how privileges and vulnerabilities interrelate to impact your organization’s overall security posture in the context of its business priorities.
(click to enlarge)
Here are just a few examples that demonstrate how vulnerability and privilege intelligence are clearly better together:
Combining Privileged Password and Vulnerability Management empowers organizations to:
- Eliminate threats from unidentified privileged accounts by using the best discovery capability available – a vulnerability scanner – to discover and profile all users, assets and services
- Quickly uncover hidden dangers, lurking within a network, by automatically grouping assets with like attributes to weed out and remediate those that pose the greatest danger
- Prevent leaky systems from contaminating a network by checking asset vulnerability scores prior to granting users privileged access
- Automate the use of continuously rotating privileged credentials, for authenticated vulnerability scans
Combining Least Privilege and Vulnerability Management empowers organizations to:
- Control access to applications by enforcing least-privilege policies based on an application’s known vulnerabilities, as well as their age, potential risk, and impact on regulatory compliance
- Prioritize which vulnerabilities to focus on first, since least privilege products can tell them which applications are used most frequently and by whom
BeyondTrust has tightly integrated its PowerBroker Password Safe, PowerBroker for Windows, and Retina CS products to create a more intelligent enterprise password security and endpoint least privilege solution.
Want to know how it works? See for yourself how you can use vulnerability intelligence to inform least privilege access, increase your threat visibility and ultimately make smarter security decisions. Lastly, be sure to download our latest white paper, 10 Reasons to Rethink Your Vulnerability Management, to learn more about cutting-edge capabilities that will keep you steps ahead of the bad guys.
For more, contact us today!
Scott Lang, Sr. Director, Product Marketing at BeyondTrust
Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.