NEW: Microsoft Vulnerabilities Report 2022 - Read the Findings of Our Annual Report Read Now

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

Stop Attacks by Connecting Your Security Dots

December 22, 2016

  • Blog
  • Archive

Connect Security DotsEditors note: This is the third of three use case blogs that describe how a BeyondTrust-orchestrated cyber defense can prevent or minimize an attack. To illustrate, we’ll use specific use cases available in the Verizon Data Breach Digest (full report). Read the first use case on State Actors Targeting Critical Infrastructure and the second on Connecting Threat Data to Minimize Payment Card Fraud.

From the Data Breach Summary:

What do pirates on the high-seas have to do with securing web servers and content management systems (CMS)? It seems as though cybercrime is not isolated to the digital world any longer, as old world, Blackbeard-type pirates turn to the web for information that will make their physical attacks more targeted and lucrative.

A global shipping conglomerate unfortunately experienced this new reality firsthand. It wasn’t the fact that pirates commandeered one of their cargo vessels, and stole valuable merchandise, but instead it was the precision in which they carried out the theft –the pirates knew exactly what they were looking for and precisely where to find it.

An investigation into the shipping company’s systems revealed that pirates exploited existing vulnerabilities within the shipper’s server to successfully upload a malicious web shell onto a server that was managing shipping routes. This enabled the threat actors to download detailed bills of lading that identified desired valuables, their associated crate numbers, and the ships that would transport them.

How an Orchestrated Cyber Defense can Minimize Risks Like This

Want to take your vulnerability management game to the next level? Download our latest white paper, Change the Game in Vulnerability Management, Download now

To help prevent or minimize risks associated with similar attacks, BeyondTrust recommends an integrated security approach that includes BeyondTrust and 3rd party solutions.

Retina CTVI

Technologies Integrated:

  • Asset Management
  • Workflow Management & Ticketing
  • Patch Management
  • Windows Least Privilege
  • Vulnerability Management

A simple first step would have been for the Shipper to close its web server vulnerabilities via a continuous vulnerability management program using an enterprise solution like BeyondTrust Retina. To gain a holistic view of their assets the shipper could have imported detailed asset data from ServiceNow into the Retina database.

Once all of the assets had been enumerated and scanned for vulnerabilities, the Shipper could have streamlined the patching of these vulnerabilities with Retina’s direct integration with Microsoft’s WSUS and SCCM. Given the number of errors committed by these actors, closing these soft targets and raising the barrier to entry to something more challenging may have exceeded their skill level and served as a deterrent.

To ensure easy attack vectors were eliminated, Retina could have been connected to BMC Remedy or ServiceNow workflow management and ticketing systems, to enable the traceability of remediation tickets as well as to request on-demand vulnerability scans, to verify closed vulnerabilities.

Finally, since it’s not practical to close all vulnerabilities, Retina’s tight integration with BeyondTrust PowerBroker for Windows, would have allowed the Shipper to limit the scope of an attack by controlling access to applications based on their known vulnerabilities.

ss-pbw-vulnerability-based-application-managememt.jpgPowerBroker for Windows: Vulnerability Based Application Management (VBAM)

It’s Time to Change the Game!

By mobilizing our “security villages” (yes you have one), and automating their interactions, we can collect data from a variety of trusted sources, correlate it into a clear picture of risk, and take swift and decisive actions to mitigate vulnerabilities and threats. That’s how we flip the game on our adversaries and take control of vulnerabilities that have been plaguing us for more than a decade.

Want to take your vulnerability management game to the next level? Download our latest white paper, Change the Game in Vulnerability Management, for more attack scenarios and to discover how orchestrating your cyber defenses can keep you steps ahead of the bad guys.

For more, contact us today!

Photograph of Scott Lang

Scott Lang, Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Microsoft Vulnerabilities Report 2022

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Privileged Access Management: PAM Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.