Alert icon Keyboard navigation enabled.
Alert icon TAB or Shift+TAB to navigate across. Down ↓ to open menu. ESC to close menu.
Alert icon Down ↓ to select section. Right → to activate. Up ↑ / Down ↓ / Tab to traverse all. ESC to exit.
BeyondTrust
Skip to content Use space or enter to skip.

What can we help you find today?

Instant Results
  • Website Results
  • Technical Documentation

Filter Options

Focus your search

Filtering by

Your recent searches:

Contact Us Chat with Sales Get Support
  • English
  • Deutsch
  • français
  • español
  • 한국어
  • português

Info icon Announcement: 2026 KuppingerCole PAM Leadership Compass: BeyondTrust recognized as an Overall Leader and top Product Leader among 36 evaluated vendors. Access the Report

  • Home
  • Resources
  • Attacks & Defenses current page
Link copied

Attacks & Defenses

CHANNEL

Stay on top of contemporary cybersecurity challenges with insights through blogs, webinars, podcasts, research and reports, glossary posts, and more

Attacks defenses
Resource Center

Share with a custom URL copied to your clipboard

Filters

Loading
URL Copied!
Copied to Clipboard!

Tags

Channels

Loading:
Loading
BT Resources BLOG thumbnails 2000x2000 17

How to Defend Against the Confused Deputy Problem in the Age of Agentic AI

The confused deputy problem occurs when a trusted program, service, or automation uses its own privileges to perform an unauthorized action for a lower-privileged requester. This blog explains how attackers exploit trusted tools, why Agentic AI magnifies the risk, and how modern PAM and least privilege approaches stop program-to-program privilege escalation.

Continue Reading :How to Defend Against the Confused Deputy Problem in the Age of Agentic AI
Reading Time: 7 mins
AI Agent Code Interpreter

Pwning AI Code Interpreters in AWS Bedrock AgentCore

Phantom Labs discovered that AWS Bedrock AgentCore Code Interpreter’s sandbox mode allows DNS queries, enabling bypass of network isolation through DNS-based command-and-control. This research details the discovery, proof-of-concept exploit, disclosure timeline, and defensive guidance for organizations using Code Interpreter workloads.

Continue Reading :Pwning AI Code Interpreters in AWS Bedrock AgentCore
Reading Time: 10 mins
Agentic AI Identity Security

Closing The Agentic AI Security Gap: Why Identity Protection Must Evolve Now

Agentic AI is expanding identity security risk. Here’s how to adopt it without opening new pathways for attackers.

Continue Reading :Closing The Agentic AI Security Gap: Why Identity Protection Must Evolve Now
Reading Time: 4 mins
Securing AI Agents

Operationalizing AI Security: How To Govern AI Agent Identities Before Attackers Exploit Them

AI agents bring efficiency and risk. This blog shows how BeyondTrust operationalizes AI security by securing agent identities and credentials across AWS, ServiceNow, and Azure AI Foundry.

Continue Reading :Operationalizing AI Security: How To Govern AI Agent Identities Before Attackers Exploit Them
Reading Time: 8 mins
Kerberoasting Detections

From Heuristics to Histograms: Reinventing Kerberoasting Detections

This blog explores the basics of a Kerberoasting attack, the limitations of traditional Kerberoasting detection methods, and walks through why our data modeling approach is able to surface the hidden threats traditional defenses miss.

Continue Reading :From Heuristics to Histograms: Reinventing Kerberoasting Detections
Reading Time: 12 mins
Elevation of Privilege Attacks

A Guide to Using Longitudinal Data Analysis for Improved Identity Threat Detection

This blog marks the first in a series that explores applications of longitudinal data analysis (LDA) in identity security. In this initial blog, we will focus on how LDA can be leveraged to detect anomalous privilege changes, a common security risk in large organizations.

Continue Reading :A Guide to Using Longitudinal Data Analysis for Improved Identity Threat Detection
Reading Time: 13 mins
  • BT Resources BLOG thumbnails 2000x2000 17
    Dec 3, 2025

    How to Defend Against the Confused Deputy Problem in the Age of Agentic AI
    Blog
    7m
  • AI Agent Code Interpreter
    Mar 16, 2026

    Pwning AI Code Interpreters in AWS Bedrock AgentCore
    Blog
    10m
  • Agentic AI Identity Security
    Sep 16, 2025

    Closing The Agentic AI Security Gap: Why Identity Protection Must Evolve Now
    Blog
    4m
  • Securing AI Agents
    Sep 30, 2025

    Operationalizing AI Security: How To Govern AI Agent Identities Before Attackers Exploit Them
    Blog
    8m
  • Kerberoasting Detections
    Jul 23, 2025

    From Heuristics to Histograms: Reinventing Kerberoasting Detections
    Blog
    12m
  • Elevation of Privilege Attacks
    Apr 4, 2025

    A Guide to Using Longitudinal Data Analysis for Improved Identity Threat Detection
    Blog
    13m

Research & Findings

  • Resource Card MS vulns 2026

    Apr 21, 2026

    2026 Microsoft Vulnerabilities Report

    Research
    2m
  • True Privilege Graph 2

    Apr 27, 2026

    Detecting Hidden Privilege with Machine Learning: Anomaly Detection in BeyondTrust’s True Privilege Graph

    Blog
    5m
  • Cyber Retaliation

    Mar 4, 2026

    Iran Cyber Retaliation: A 90-Day Risk Outlook for Identity Security and Privileged Access

    Blog
    6m
  • AI Security

    Apr 9, 2026

    Claude & Control: An Introduction to Agentic C2 with Computer Use Agents

    Blog
    12m
  • Hidden Permissions

    Apr 20, 2026

    Salesforce Access Risk: How Hidden Permissions Create Security Blind Spots

    Blog
    4m
  • Paths to Privilege Whitepaper 405x210

    Aug 23, 2024

    Paths to Privilege Explained

    Resources
    1m

How Customers are Defending and Responding to Threats with BeyondTrust

  • Resource Card Customer Case Study Town of Truckee

    Aug 5, 2024

    Town of Truckee: Enhancing Security and Efficiency with BeyondTrust

    Case Studies
    2m
  • Identity Security for Government Agencies

    Aug 12, 2025

    Large State Entity Adopts Identity Security Insights to Reveal Data Across Domains and Reduce Risk

    Research
    4m
  • Resource Card Customer Case Study University of Derby

    Jan 29, 2020

    University of Derby: Enhancing Security & Productivity with Endpoint Privilege Management

    Case Studies
    2m
  • Resource Card Customer Case Study Bechtle

    Jun 14, 2019

    Bechtle: Achieving Best-In-Class Security and Productivity with BeyondTrust

    Case Studies
    1m
  • Resource Card Customer Case Study Zensar

    Nov 29, 2022

    Case Study: Zensar Solves the Privileged Access Challenge

    Case Studies
    1m
  • Resource Card Customer Case Study Behavox

    Aug 21, 2023

    Securing AI-Driven Compliance: How Behavox Fortified Data Protection with BeyondTrust's Privileged Remote Access

    Case Studies
    1m

Cyberattack Spotlight

  • Cyber Defense Team

    Mar 4, 2026

    Threat Advisory: Iran-Aligned Cyber Actors Respond to Operation Epic Fury

    Blog
    9m
  • Town of truckee

    Aug 9, 2024

    Ep. 59 - Cyber Siege in Flannel: The Town of Truckee's Ransomware Battle

    Podcasts
    50m
  • Midnight Blizzard 820x410

    Jan 22, 2024

    How Midnight Blizzard Breached Microsoft & How You Can Mitigate Similar Attacks

    Blog
    1m
  • Okta breach update

    Dec 8, 2023

    Okta Support Unit Breach Update & Security Implications

    Blog
    1m
  • Eliza May Austin Headshot BW

    Nov 3, 2023

    Ep. 41 - The TeamViewer Attack, Roly-Polies, and Purple Teaming // Eliza-May Austin

    Podcasts
    54m
  • Mark Weatherford headshot

    Jun 28, 2024

    Ep. 57 - Getting Lost in the Moonlight Maze Breach // Mark Weatherford

    Podcasts
    51m

Understanding Cyber Threats 101

  • Zero Day Proper Definition

    Apr 8, 2026

    The Proper Zero Day Vulnerability Definition

    Blog
    6m
  • Autonomous AI agent security

    Dec 19, 2025

    Agentic AI Security: How Autonomous AI Redefines Identity Compared to Generative AI

    Blog
    8m
  • Service Desk Exploits

    Dec 18, 2025

    How Service Desk Exploits Put Your Organization at Risk

    Blog
    7m
  • Resource default

    Jan 30, 2026

    MFA Fatigue Attack

    Glossary
    1m
  • Token Based Threat

    Jun 30, 2023

    Defending Against Token-Based Threats

    Blog
    1m
  • Hybrid Threat Mango Sandstorm

    Jul 24, 2023

    How Hybrid Cyberthreats are Exploiting Digital Identities

    Blog
    1m

Defensive Cybersecurity Strategies

  • AI Agent Coworkers

    Mar 23, 2026

    AI Agent Identity Governance: Why Least Privilege is the Non-Negotiable Security Control

    Blog
    9m
  • BT Resources BLOG thumbnails 2000x2000 31

    Mar 23, 2026

    Securing Agentic AI Workloads with Visibility and Privileged Control

    Blog
    6m
  • Privilege Escalation Attack

    Jan 16, 2026

    What Is Privilege Escalation? Attacks & Defense Explained

    Blog
    28m
  • How to Stop Insider Attacks

    Aug 5, 2025

    Insider Threat Protection: How EPM Stops Internal Risks

    Blog
    6m
  • Evil VM

    Jul 17, 2025

    “Evil VM”: From Guest Compromise To Entra Admin In 9 Easy Steps

    Blog
    5m
  • Restless Guests

    May 28, 2025

    Restless Guests: The True Entra B2B Guest Threat Model

    Blog
    8m

Prevent, Detect, & Dismantle Threats with BeyondTrust

  • Press default

    Feb 26, 2025

    BeyondTrust Pathfinder Delivers a One-Platform Approach to Identity-Centric Security

    Press & Media
    3m
  • CISA Secure By Design Pledge

    Dec 10, 2025

    CISA’s Secure by Design Pledge: Charting BeyondTrust’s Progress One Year Later

    Blog
    11m
  • Resource Card EPM and EDR whitepaper

    Dec 2, 2025

    Beyond EDR: Why EPM and Least Privilege are Critical to Endpoint Protection

    Research
    1m
  • Beyond Trust

    Oct 20, 2023

    BeyondTrust Discovers Breach of Okta Support Unit

    Blog
    1m
  • Securing remote access software resource card

    Dec 15, 2023

    Addressing CISA, NSA, & FBI Guidance for “Securing Remote Access Software” with BeyondTrust

    Resources
    1m
  • Paths to Privilege Whitepaper 405x210

    Aug 23, 2024

    Paths to Privilege Explained

    Resources
    1m

More Blogs and Webinars

  • Business Email Compromise

    Aug 26, 2025

    What Is a BEC Attack? Examples and Prevention

    Blog
    7m
  • RSRC thumbnail 5

    Jul 16, 2025

    Going Beyond Detection: How to Counter Iranian Nation-State TTPs with AI-Powered Insights

    Blog
    5m
  • Generative AI in Insider Threat Evolution

    Jul 25, 2025

    Generative AI’s Role in Insider Threat Evolution

    Blog
    4m
  • 2025 BeyondTrust Microsoft Vulnerabilities Report

    Apr 15, 2025

    Microsoft Security in 2025: Top Vulnerability Trends from the BeyondTrust Microsoft Vulnerabilities Report

    Blog
    5m
  • Full Stack PAM

    Mar 31, 2025

    Your Guide to Full-Stack Privileged Access Management (PAM)

    Blog
    9m
  • Modern PAM 2

    Jan 29, 2025

    Modern PAM Defined: What It Is, and Why It’s Needed

    Blog
    8m

Stay up to Date

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

Explore More

  • BT Webinar Resource Card 660x660
    Jul 2, 2026

    EMEA | Tech Talk Tuesday: AI-assisted workflow with Pathfinder AI & Pathfinder MCP

    Webinar
  • Resource Card Entitle PS solution brief 2026 1
    Jun 8, 2026

    Implement Zero Trust Credential Security, While Achieving Productivity Gains

    Research
    1m
  • Shadow IT thumbnail
    Jun 5, 2026

    The Most Common & Most Dangerous Types of Shadow IT

    Blog
    19m
  • Password Encryption 101
    May 28, 2026

    14 Password Management Best Practices

    Blog
    12m
  • Resource default
    May 27, 2026

    What is a Rainbow Table Attack?

    Glossary
    1m
  • Cloud security
    May 21, 2026

    How to Secure Cloud-Native Infrastructure at Scale and Speed: A Conversation with Madhu Adireddi

    Blog
    5m
  • Kuppinger Cole LC PAM 6 2 26
    May 18, 2026

    2026 KuppingerCole Analysts Leadership Compass for PAM

    Research
    3m
  • Resource Card Mapping OTCC Compliance Whitepaper
    May 14, 2026

    Mapping BeyondTrust Capabilities to the Operational Technology Cybersecurity Controls (OTCC)

    Resources
    1m
  • African Tel Co thumbnail
    May 12, 2026

    Cybersecurity as a Boardroom Priority for Major African TelCos

    Blog
    8m
  • BT Webinar Resource Card 660x660
    Jun 3, 2026

    EMEA | Understanding the 2026 Microsoft Vulnerability Landscape: Insights & Expert Panel Discussion

    On-Demand Webinar
Loading

Keep up with BeyondTrust

Customer Support Get Started
  • LinkedIn
  • X
  • Facebook
  • Instagram
  • Add BeyondTrust as a preferred source on Google
  • Privacy
  • Security
  • Manage Cookies
  • Do Not Sell My Data
  • WEEE Compliance

Copyright © 2003 — 2026 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.

Prefers reduced motion setting detected. Animations will now be reduced as a result.