Intelligent CISO – BeyondTrust cybersecurity predictions for 2024 – and beyond

– “Looking ahead helps us anticipate where cyber threat actors will undoubtedly head, and preparing for what’s ahead makes all the difference in risk management effectiveness,” said Morey Haber, Chief Security Officer at BeyondTrust. “At BeyondTrust, we plan to provide the best security solutions to address current and future attack vectors, which our customers and partners expect.”

Continue Reading

KuppingerCole – The Future of Identity Security: PAM+CIEM+ITDR

– Join identity and experts at KuppingerCole Analysts and BeyondTrust as they discuss the impact of the evolution of business IT, the trends shaping the identity landscape, the importance of identity security, and the role of privileged access management (PAM), cloud infrastructure entitlement management (CIEM), and identity threat detection and response (ITDR).

Continue Reading

Security Boulevard – Okta Breach Threat Intel Advisory

– BeyondTrust, a cybersecurity company that provides privileged access management solutions, was among the Okta customers affected by Okta’s customer support breach. The company acknowledged that the attackers had gained access to some of its internal systems but maintained that customer data remained secure.

Continue Reading

ARS Technica – Okta Hit by Another Breach, This one Stealing Employee Data from 3rd-Party Vendor

– Thursday’s disclosure comes two weeks after Okta revealed that hackers compromised its customer support system and obtained credentials that allowed them to take control of customers’ internal Okta administration accounts. The attackers then used those credentials in follow-on hacks that targeted the internal administration accounts of 1Password, BeyondTrust, Cloudflare, and possibly other customers.

Continue Reading

MSSP Alert – Managed Security Services Provider (MSSP) Market News: 2 November 2023

– SecureAuth, an access management and authentication specialist, has announced its expanded technology partnership with BeyondTrust, an intelligent identity and access security company. This strategic alliance takes the form of a deeper integration with Arculix, SecureAuth’s passwordless authentication solution, with BeyondTrust Privileged Remote Access for SAML, Linux and Unix and BeyondTrust Password Safe.

Continue Reading

KBI Media – BeyondTrust Releases Cybersecurity Predictions for 2024 and Beyond

– BeyondTrust, the worldwide leader in intelligent identity and access security, today released its annual forecast of cybersecurity trends emerging for the New Year and beyond. These projections, authored by BeyondTrust experts Morey J. Haber, Chief Security Officer; Christopher Hills, Chief Security Strategist; and James Maude, Director of Research, are based on shifts in technology, threat actor habits, culture, and decades of combined experience.

Continue Reading

VMBlog – SecureAuth and BeyondTrust Enhance Technology Partnership with Arculix Integration and BeyondTrust Intelligent Identity & Access Security for Digital Identity Protection

– "BeyondTrust Intelligent Identity & Access Security solutions integrate with Arculix by SecureAuth, their next-gen passwordless continuous authentication with the recent technical validation for our three privilege management access product lines to ensure only authorized users can access privileged accounts - while enhancing the authentication experience for the account owners," said David Manks, Vice President of Worldwide Alliances of BeyondTrust. "This integration offers enterprises the ability to reinforce security while providing a frictionless user experience."

Continue Reading

SANS – Recent Cyber Threats Defenders Should Pay Attention To

– Identity management service Okta announced a breach of their support case management system. Notably, other companies, BeyondTrust, Cloudflare, and 1Password, identified the breach before Okta publicly announced it. While Okta has reportedly reached out to affected customers, you may want to consider contacting them if you use Okta.

Continue Reading

Biometric Update – SecureAuth Reveals BeyondTrust Behavioral Biometrics Integration, 3 new Patents

– “BeyondTrust Intelligent Identity & Access Security solutions integrate with Arculix by SecureAuth, their next-gen passwordless continuous authentication, with the recent technical validation for our three privilege management access product lines to ensure only authorized users can access privileged accounts – while enhancing the authentication experience for the account owners,” says David Manks, VP of Worldwide Alliances of BeyondTrust. “This integration offers enterprises the ability to reinforce security while providing a frictionless user experience.”

Continue Reading

Security InfoWatch – BeyondTrust Releases Cybersecurity Predictions for 2024 and Beyond

– “Looking ahead helps us anticipate where cyber threat actors will undoubtedly head, and preparing for what’s ahead makes all the difference in risk management effectiveness,” said Morey Haber, Chief Security Officer at BeyondTrust. “At BeyondTrust, we plan to provide the best security solutions to address current and future attack vectors, which our customers and partners expect.”

Continue Reading

ITWorld Canada – Cyber Security Today, Week in Review for the Week Ending Friday, Oct. 27, 2023

– In a few minutes David Shipley of Beauceron Security will be here to discuss recent news. That includes the admission by identity management provider Okta that a hacker compromised its customer support system and then saw customer technical files that included credentials. 1Passord, Cloudflare and BeyondTrust said their systems were attacked as a result of this compromise.

Continue Reading

SearchSecurity – Risk & Repeat: Okta Under Fire After Support System Breach

– BeyondTrust published a blog Friday revealing that it first alerted Okta of a potential breach after detecting initial threat activity in the BeyondTrust network on Oct. 2. Cloudflare, meanwhile, published a somewhat critical blog post titled, "How Cloudflare mitigated yet another Okta compromise." The security vendor said it discovered and mitigated an attack on its systems on Oct. 18, "more than 24 hours before we were notified of the breach by Okta."

Continue Reading

Practical 365 – Practical Protection: Banning Bad Passwords

– Affected customers include 1Password and BeyondTrust, both of whom caught the attacks earlier… but there are very possibly others. Microsoft’s Merrill Fernando posted a good explanation of the issues surrounding token theft from HAR files, and he gives some practical advice on how to minimize the risk that this attack will be used against you. It is well worth reading.

Continue Reading

MACerkopf – Cyber Attacks on Okta (German)

– Security company BeyondTrust had also been affected by the cyberattack on Okta. A hacker had tried to use authentication cookies to access the company's Okta account. BeyondTrust's account policies prevented the attack. Now, 1Password has been the second known Okta customer to be affected, along with BeyondTrust.

Continue Reading

IT Wire – Chris Puleston Joins BeyondTrust to Lead Australian Public Sector Business Momentum

– BeyondTrust has announced the appointment of Chris Puleston to lead its Public Sector business in Australia. Based in Canberra, Chris will be responsible for accelerating business growth among Federal and State public sector agencies while supporting their capacity to proactively protect their identities and safeguard critical assets in today’s evolving threat landscape.

Continue Reading

Le Monde Informatique – After the Okta Hack, Evidence of Strong MFA Policies is Needed (French)

– “It is important that Okta customers improve their security policies by leveraging certain settings, for example, by prompting users with administrative privileges to authenticate with MFA at every login,” said l BeyondTrust security team in a newsletter. “Even if the attacker has hijacked an existing session, Okta still considers accessing the dashboard a new logon and requests permission to open an MFA session.

Continue Reading

LeMagIT – 1Password Blocks Attack Linked to Okta Attack (French)

– BeyondTrust revealed that it initially detected and reported the breach to Okta on October 2, although its CTO Marc Maiffret stressed that it took time to convince Okta that it was behind the breach. Cloudflare also released a statement on Friday confirming that it detected an Okta-related attack on October 18.

Continue Reading

KultureGeek – Hack: Okta Customer Data Affected (French)

– We do not yet know if the staff in question uses multi-factor identification, which would be the least possible given the type of data processed. BeyondTrust, a security company, said it notified Okta at the first sign of suspicious activity, only receiving a response two weeks later.

Continue Reading

Global Security Magazine – Detailed Testimony from BeyondTrust on the Okta Attack (French)

– The incident began when BeyondTrust security teams detected an attacker attempting to access an internal Okta administrator account using a valid session cookie stolen from Okta's support system. Custom policy controls blocked the attacker's initial activity. However, the limitations of Okta's security model allowed it to perform some actions. BeyondTrust's Identity Security Insights tool alerted teams, who were able to block all access and verify that this attacker did not have access to any systems.

Continue Reading

ChannelNews – Okta Support Compromised Using Stolen Credential (French)

– To make matters worse, BeyondTrust, one of Okta's customers, claims to have detected and blocked an attempt to log in to an internal Okta administrator account on October 2 using a stolen cookie. The privileged access specialist immediately informed Okta that its support organization was compromised, but it took the vendor more than two weeks to confirm the breach.

Continue Reading

SwissCybersecurity.net (CH) – Cyber Criminals Hack Okta and Get Hold of Customer Data

– Identity service provider Okta reports another attack on its databases. Hackers are said to have gained access to sensitive customer data via the support department. This is not the first incident. In 2022, the Californian company recorded a data theft, after hackers hacked a tool of their customer support. This August, the service provider reported social engineering attacks on its IT service desk employees. Okta customer BeyondTrust had already alerted the service provider to the cyberattack on October 2.

Continue Reading

IT-Markt (CH) – Cyber Criminals Hack Okta and Get Hold of Customer Data (German)

– Identity service provider Okta reports another attack on its databases. Hackers are said to have gained access to sensitive customer data via the support department. This is not the first incident. In 2022, the Californian company recorded a data theft, after hackers hacked a tool of their customer support. This August, the service provider reported social engineering attacks on its IT service desk employees. Okta customer BeyondTrust had already alerted the service provider to the cyberattack on October 2.

Continue Reading

Identity Economy – Okta Once Again Gateway for Hackers (German)

– Once again, hackers managed to gain access to Okta's customer service system using stolen credentials. This allowed them to access sensitive data uploaded by Okta customers. Back in early October, a hacker at Okta customer BeyondTrust attempted to access an internal Okta administrator account using a valid session cookie copied from Okta's support system. The hacker was only able to perform a limited number of actions.

Continue Reading

Identity Economy – Okta Once Again Gateway for Hackers (German)

– Once again, hackers managed to gain access to Okta's customer service system using stolen credentials. This allowed them to access sensitive data uploaded by Okta customers. Back in early October, a hacker at Okta customer BeyondTrust attempted to access an internal Okta administrator account using a valid session cookie copied from Okta's support system. The hacker was only able to perform a limited number of actions.

Continue Reading

Sysbus.eu – Trend Topic Security (German)

– "The current wave of cyberattacks is largely based on the misuse of privileged access rights and identities which threat actors use to compromise business IT systems or steal sensitive information," said Mohamed Ibbich, Director of Solutions Engineering at BeyondTrust.

Continue Reading

Tech Startups – Okta Data Breach Spreads to Cloudflare and 1Password

– “On October 2nd, 2023, the BeyondTrust security teams detected an identity-centric attack on an in-house Okta administrator account. We immediately detected and remediated the attack through our own Identity Security tools, resulting in no impact or exposure to BeyondTrust’s infrastructure or to our customers. The incident was the result of Okta’s support system being compromised which allowed an attacker to access sensitive files uploaded by their customers,” BeyondTrust wrote.

Continue Reading

Silicon UK – Okta’s Latest Cyber Breach Knocks Billions Off Company Value

– “We raised our concerns of a breach to Okta on October 2nd,” BeyondTrust blogged. “Having received no acknowledgement from Okta of a possible breach, we persisted with escalations within Okta until October 19th when Okta security leadership notified us that they had indeed experienced a breach and we were one of their affected customers.”

Continue Reading

SearchSecurity – 1Password Stops Attack Linked to Okta Breach

– First, BeyondTrust revealed that it initially detected and reported the breach to Okta on Oct. 2, though its CTO Marc Maiffret emphasized that it took time to convince Okta it was the source. Cloudflare also issued a disclosure on Friday that confirmed that it detected an Okta-related attack on Oct. 18.

Continue Reading

MacTechNews – Attack on Okta (German)

– As revealed now, 1Password has been affected by a recent cyberattack on the identity service provider Okta. Recently, cybercriminals managed to steal Okta's access tokens. It's not yet clear which other customers are affected: The service provider said it was a very small proportion of its more than 18,000 customers. However, the U.S. company BeyondTrust had reported a corresponding attack earlier this month.

Continue Reading

Netzwoche (CH): Cyber Criminals Hack Okta and Get Hold of Customer Data (German)

– Identity service provider Okta reports another attack on its databases. Hackers are said to have gained access to sensitive customer data via the support department. This is not the first incident. In 2022, the Californian company recorded a data theft, after hackers hacked a tool of their customer support. This August, the service provider reported social engineering attacks on its IT service desk employees. Okta customer BeyondTrust had already alerted the service provider to the cyberattack on October 2.

Continue Reading

PC Magazine – Hackers Try to Break Into 1Password Using Data Stolen from Okta Breach

– Both 1Password and Cloudflare also detected the breach before Okta notified them about a potential intrusion — which isn’t a great look for the single sign-on provider. Cloudflare is also implying Okta failed to take initial reports about the breach seriously. The company’s blog post urges Okta to “take any report of compromise seriously and act immediately to limit damage,” noting that a separate security vendor, BeyondTrust, had notified the company about the breach as early as Oct. 2.

Continue Reading

Malwarebytes – 1Password Reports Security Incident After Breach at Okta

– If the 1Password incident is a consequence of the same Okta breach, this puts the Okta breach which was discovered by BeyondTrust on October 2, 2023 in a new light as regards to the timeline. BeyondTrust says it had to persist with escalations within Okta until October 19, when Okta security leadership notified BeyondTrust that it had indeed experienced a breach and that BeyondTrust were one of the affected customers.

Continue Reading

ITWorld Canada – Hashtag Trending Oct.24

– The breach was initially detected by security firm BeyondTrust, which observed suspicious activity on its in-house Okta administrator account. BeyondTrust alerted Okta but claimed they received no response for over two weeks. Okta has faced multiple security incidents in the past, including breaches in March and December 2022.

Continue Reading

eSecurity Planet – Weekly Vulnerability Recap – October 23, 2023 – Cisco, SolarWinds Vulnerabilities Make News

– Security vendor BeyondTrust encountered the issue when it found an attacker attempting to use a stolen session cookie to breach an admin account. BeyondTrust fixed the issue on its own and claimed it contacted Okta on October 2, but said that it didn’t receive acknowledgement of a breach until October 19, when Okta confirmed BeyondTrust was an affected customer.

Continue Reading

CRN – 1Password: No User Data Accessed in Okta-Linked Incident

– In a statement provided to CRN, Husnain Bajwa, vice president of product strategy at Beyond Identity, said that Okta “took nearly three weeks to acknowledge and remediate the situation despite immediate notifications from two respected and security-conscious customers.” That decision “reflects a troubling pattern of concerning lapses in Okta’s commitment to safeguarding its users,” Bajwa said in the statement.

Continue Reading

CSO Online Deutschland – Another Hacker Attack on IAM Vendor Okta (German)

– Identity and access protection company BeyondTrust is one of the affected customers. In early October 2023, the security team noticed and reported an attack attempt using a valid session cookie copied from Okta's support system and targeting an internal Okta administrator account. According to the report, while the attacker's activities were initially blocked by internal policies, limitations in Okta's security model allowed him to take limited actions.

Continue Reading

CSO – Okta Support System Breach Highlights Need for Strong MFA Policies

– BeyondTrust’s policy in the Okta environment was to only allow access to the Okta admin console from managed devices on which had been installed Okta Verify, a multifactor authentication application developed by Okta. Because of this policy, the attacker was prompted for MFA authentication when they tried to access the admin console, even though the token they stole provided them with a valid session.

Continue Reading

ARS Technica – 1Password Detects “Suspicious Activity” in its Internal Okta Account

– Security firm BeyondTrust said it discovered the intrusion after an attacker used valid authentication cookies in an attempt to access its Okta account. The attacker could perform “a few confined actions,” but ultimately, BeyondTrust access policy controls stopped the activity and blocked all access to the account. 1Password now becomes the second known Okta customer to be targeted in a follow-on attack.

Continue Reading

ITPro – Everything we Know so Far About Okta’s Data Breach

– Identity management firm BeyondTrust has stated that it experienced an identity-centric attack on October 2, which arose from an in-house Okta administrator account. It notified Okta immediately following the breach, and subsequently engaged in dialog with Okta to provide evidence that Okta had been compromised.

Continue Reading

Infosecurity Magazine – Okta Breached Via Stolen Credential

– “Having received no acknowledgement from Okta of a possible breach, we persisted with escalations within Okta until October 19 when Okta security leadership notified us that they had indeed experienced a breach and we were one of their affected customers,” explained BeyondTrust CTO, Marc Maiffret.

Continue Reading

Decipher – Okta: Stolen Credential Led to Support System Breach

– “BeyondTrust’s custom policies around admin console access initially blocked them, but they pivoted to using admin API actions authenticated with the stolen session cookie,” according to BeyondTrust. “API actions cannot be protected by policies in the same way as actual admin console access. Using the API, they created a backdoor user account using a naming convention like existing service accounts.”

Continue Reading

CNBC – Okta Cybersecurity Breach Wipes Out More Than $2 Billion in Market Cap

– In a separate post Friday, privately held identity management firm BeyondTrust, said that it had told Okta's security teams about suspicious activity in BeyondTrust's own Okta systems on October 2. Okta didn't initially acknowledge the incident as a breach after BeyondTrust alerted the company, despite what BeyondTrust described as concerns that "there was a high likelihood of compromise within Okta support and that we were likely not the only customer impacted."

Continue Reading

CISO Series – Cyber Security Headlines: Okta System Attacked, Another Cisco Vulnerability, RagnarLocker Arrest

– Okta has of course taken measures to protect its customers, including the revocation of embedded session tokens. In general, Okta recommends sanitizing all credentials and cookies/session tokens within an HAR file before sharing it. In a separate alert, security firm BeyondTrust said it was a target of a cyberattack linked to this Okta support system breach.

Continue Reading

SiliconANGLE – Okta Shares Drop After Identity Company Discloses yet Another Data Breach

– Where the story gets interesting is that one of the affected customers, BeyondTrust Corp., has come forward and disclosed its experience, and it’s not a good look for Okta. The company said that it had detected an identity-centric attack on an in-house Okta administrator account on Oct. 2, but after alerting Okta the same day and then following up, it had no response for over a week.

Continue Reading

Bank Info Security – Okta Support Unit Breached Via Credential Stolen by Hackers

– BeyondTrust security teams on Oct. 2 saw an attacker trying to access an in-house Okta administrator account using a valid session cookie stolen from Okta's support system, according to Maiffret. The initial incident response indicated a possible compromise at Okta - by either someone on the support team or someone in a position to access customer support-related data. That prompted BeyondTrustto contact Okta.

Continue Reading

Seeking Alpha – Okta Tumbles Amid Security Breach, Latest in a String

– Security firm BeyondTrust was among those that received the alert. BeyondTrust Chief Technology Officer Marc Maiffret said the alert came more than two weeks after his company alerted Okta to a potential problem. Maiffret said none of its customers were affected, according to KrebsonSecurity, which first reported the news.

Continue Reading

SecurityWeek – Okta Support System Hacked, Sensitive Customer Data Stolen

– “The incident began when BeyondTrust security teams detected an attacker trying to access an in-house Okta administrator account using a valid session cookie stolen from Okta’s support system. Custom policy controls blocked the attacker’s initial activity, but limitations in Okta’s security model allowed them to perform a few confined actions,” BeyondTrust said.

Continue Reading

PC Magazine – Okta Customer Support System Hacked

– Okta declined to provide more details. But according to security journalist Brian Krebs, the company appears to have uncovered the breach when a customer, security vendor BeyondTrust, noticed unusual activity on its network. An Okta account belonging to a BeyondTrust engineer tried to create a powerful admin account.

Continue Reading

Kreb on Security – Hackers Stole Access Tokens from Okta’s Support Unit

– Maiffret emphasized that BeyondTrust caught the attack earlier this month as it was happening, and that none of its own customers were affected. He said that on Oct 2., BeyondTrust’s security team detected that someone was trying to use an Okta account assigned to one of their engineers to create an all-powerful administrator account within their Okta environment.

Continue Reading

CRN – Okta Discloses Support System Breach Impacting Customer Data

– The company said in a post that it informed Okta about the incident on Oct. 2, but “having received no acknowledgement from Okta of a possible breach, we persisted with escalations within Okta.” Then on Oct. 19, “Okta security leadership notified us that they had indeed experienced a breach and we were one of their affected customers,” BeyondTrust said.

Continue Reading

Technology Decisions - Hybrid IT opens new avenues for cybercriminals

– In this article, James Maude outlines that defending against sophisticated nation state threat actors such as Mango Sandstorm can feel like a daunting task. This is particularly the case when the infrastructure comprises a hybrid mix of on-prem and cloud resources which may span multiple teams in your organisation.

Continue Reading

CXO Insight ME: Fortifying critical infrastructure

– “As a primary threat to critical infrastructure, consider logic bombs. A logic bomb is a piece of malware that disrupts industrial control systems by placing false logic into the workflow to confuse systems and cause disruption – Morey Haber, Chief Security Officer at BeyondTrust”

Continue Reading

Security ME Magazine – The Path to Cyber Resilience is Paved by PAM

– “PAM must offer the means to automate discovery of privileged accounts and other credential types across the environment. There must be no place for an identity to hide because if there is, you can be sure it will not escape the notice of a determined threat actor. Human and non-human accounts must be placed under suitable management so they can pass muster with auditors. Many attacker inroads are rendered impassable with this simple approach and many others are made difficult. And to be clear, when we say ‘suitable management’, what we mean is the enforcement of regular password changes and rules as to their strength.”

Continue Reading

IT Wire - BeyondTrust adds business applications password management to Password Safe

– Identity and access specialist has added a feature called Workforce Passwords to BeyondTrust Password Safe. Worksafe Passwords is said to provide enterprise-level workforce password management by enabling business application passwords to be managed with the same scrutiny and security that is used for privileged accounts. Managing business application passwords helps ensure that users do not adopt risky password practices such as password reuse and password sharing, as well as providing control over access to applications.

Continue Reading

Security Brief AU – BeyondTrust adds new capability to Password Safe solution

– BeyondTrust has announced Workforce Passwords, a new capability built into BeyondTrust Password Safe, designed to securely store and manage business application passwords. Available with the Password Safe 23.2 release, Workforce Passwords delivers enterprise-level workforce password management by giving customers the ability to manage business application passwords with the same scrutiny and security previously reserved for privileged accounts.

Continue Reading

IT Brief AU – BeyondTrust adds new capability to Password Safe solution

– BeyondTrust has announced Workforce Passwords, a new capability built into BeyondTrust Password Safe, designed to securely store and manage business application passwords. Available with the Password Safe 23.2 release, Workforce Passwords delivers enterprise-level workforce password management by giving customers the ability to manage business application passwords with the same scrutiny and security previously reserved for privileged accounts.

Continue Reading

CXO Insight ME - Guarding the chain

– “If the products being manufactured have any software components or entirely comprised of software, vulnerabilities identified in the product can potentially be exploited to not only compromise the company, but any company using the software. This represents a massive risk surface and anyone with the software deployed could be susceptible to a breach,” says Morey Haber, CSO at BeyondTrust”

Continue Reading

Bank Info Security – CyberArk, BeyondTrust, Delinea Dominate Gartner MQ for PAM

– BeyondTrust has brought new technology to market around cloud infrastructure to provide remote users with access to cloud resources using their laptop through a granular, narrow tunnel, said CTO Marc Maiffret. Given the number of organizations using cloud-native resources housed in AWS or Azure, Maiffret said it's essential to provide secure access into the public cloud providers in a granular manner.

Continue Reading

Security Brief AU - BeyondTrust and Jamf to enhance Mac endpoint security

– BeyondTrust has announced its integration with Jamf to enhance Mac endpoint security. This collaboration marks a significant step towards strengthening global Mac endpoint security for organisations. At the core of this partnership is integrating BeyondTrust's Privilege Management for Mac with Jamf's new Jamf Cloud Distribution Point (JCDS), including an official API endpoint for uploading packages.

Continue Reading

Forbes – 40 Best Large Workplaces in Technology

– BeyondTrust Employees say: “Very transparent and open with plenty of time for questions to management, including a completely unscripted companywide meeting called ‘Leadership Live,’ where all questions are welcome. Personal story discussions where people share what it is like to be them, such as being Muslim in the U.K. or Black in America. Lots of development

Continue Reading

ASMag.com – Identity Management: Going Password-LESS

– “Password-less authentication is provided based on a unique characteristic owned by the identity or asset and can be verified to be unique per request or session. This can be implemented using biometric technology or passkeys that are securely stored or rotated via an encryption key that can only be decoded by the system when access is requested. The most common implementation model for this type of solution is FIDO2 and provides a secure workflow for authentication using a variety of trusted identity verification methods,” said Morey Haber, Chief Security Officer at BeyondTrust.

Continue Reading

Security Brief AU – BeyondTrust achieves customer security certification

– BeyondTrust, the specialists in intelligent identity and access security, have announced the company has achieved ISO 27001:2022 certification. The ISO 27001 standard applies a holistic management system approach to information security to address governance, organisation roles and responsibilities, processes, and technology to meet the businesss information security risk management objectives.

Continue Reading

IT Brief AU - BeyondTrust achieves customer security certification

– BeyondTrust, the specialists in intelligent identity and access security, have announced the company has achieved ISO 27001:2022 certification. The ISO 27001 standard applies a holistic management system approach to information security to address governance, organisation roles and responsibilities, processes, and technology to meet the businesss information security risk management objectives.

Continue Reading

KBI Media – BeyondTrust Achieves ISO 27001:2022 Certification Demonstrating Commitment to Robust Customer Security

– BeyondTrust, the worldwide leader in intelligent identity and access security, today announced the company has achieved ISO 27001:2022 certification. The ISO 27001 standard applies a holistic management system approach to information security to address governance, organization roles and responsibilities, processes, and technology to meet the business’s information security risk management objectives.

Continue Reading

Cyber Risk Leaders - BeyondTrust certifies trust

– BeyondTrust says it has achieved ISO 27001:2022 certification. “BeyondTrust’s ISO 27001:2022 certification reaffirms our dedication to prioritising customer data security,” said Justin Sparks, Director, IT Governance, Risk & Compliance at BeyondTrust. “This achievement highlights our commitment to providing customers with the utmost protection against cyber threats and unauthorised access, ensuring their peace of mind and confidence in our products and services.”

Continue Reading

Australian Reseller News - ARN Innovation Awards 2023: and the finalists are...

– Paul McKersey has been shortlisted as a finalist in the Australian Reseller News Innovation Awards in the Personal Innovation category for Vendor Channel Excellence. Personal Innovation recognises standout individuals who contribute to customer, company and channel success through a transformative approach to management, channel, sales, technical and marketing positions. The award winners will be announced at a gala dinner in Sydney on 16 November.

Continue Reading

IT Brief AU - BeyondTrust achieves customer security certification

– BeyondTrust, the specialists in intelligent identity and access security, have announced the company has achieved ISO 27001:2022 certification. The ISO 27001 standard applies a holistic management system approach to information security to address governance, organisation roles and responsibilities, processes, and technology to meet the businesss information security risk management objectives.

Continue Reading

Security Brief AU – BeyondTrust achieves customer security certification

– BeyondTrust, the specialists in intelligent identity and access security, have announced the company has achieved ISO 27001:2022 certification. The ISO 27001 standard applies a holistic management system approach to information security to address governance, organisation roles and responsibilities, processes, and technology to meet the businesss information security risk management objectives.

Continue Reading

Business Acumen Magazine – Australian businesses strengthen cybersecurity, rattled by major organisational breaches

– The 2023 ISG Provider Lens Cybersecurity Solutions and Services report for Australia evaluates the capabilities of 82 providers across six quadrants: identity and access management (IAM), extended detection and response (XDR), security service edge (SSE), technical security services, strategic security services, and managed security services (SOC). The report names BeyondTrust, HPE (Aruba), Macquarie Telecom Group and SentinelOne are named as rising stars in one quadrant each.

Continue Reading

Gestalt IT – BeyondTrust Identity Security Insights – Establishing Identity-Focused Security with Transparent Visibility

– More than half of security breaches today are linked to identity issues stemming from low visibility. BeyondTrustIdentity Security Insights dials up the clarity by giving IT teams visibility into all trouble spots around identity and access, and help adopt a steely and unified management posture. This is not just better cyber hygiene. It is enforcement of the core tenet of zero-trust – a least-privilege model.

Continue Reading

ASMag.com – Cyber Threats, Compliance Drive Identity Management Demand to New Height

– Yet different identity management policies and tools should be implemented according to the size of the organization. “As an employee joins the company, changes roles, or leaves the organization, the small business should ensure their accounts are created, modified, and deleted in a timely fashion in addition to any rights, permissions, and privileges that might be assigned. For a large organization, this simple process and security best practices can be incredibly labor intensive and prone to error. This is where Identity Governance and Administration (IGA) solutions come into play, and Identity Security solutions identify the risks and threats that arise from employee activity and potential misconfigurations,” Haber said.

Continue Reading

Security Solutions – BeyondTrust Named a Leader in 2023 Gartner® Magic Quadrant™ for Privileged Access Management

– BeyondTrust, the worldwide leader in intelligent identity and access security, today announced it has been positioned in the Leaders Quadrant in the 2023 Gartner Magic Quadrant for Privileged Access Management, with BeyondTrust positioned as the highest in Ability to Execute. This is the fifth year in a row BeyondTrust has been recognised as a Leader.

Continue Reading

Forbes — How Organizations Can Manage Identity Technical Debt

– At some point in time, legacy components, software and aging assets and resources will no longer meet modern business demands and information security requirements. After a period as short as seven years, many components can be designated as end-of-life and be queued for replacement or modernization. In fact, most endpoint hardware does not even last that long.

Continue Reading

CXO Insight ME: Guardians of the digital realm

– “James Maude, Lead Security Researcher at BeyondTrust, says generative AI such as ChatGPT is proving useful in a number of ways. Being able to analyse and summarise large amounts of data in a concise and human readable manner could be very helpful in increasing productivity and security. There is also the potential to help script and automate responses and generate code, however a word of caution here as the use of AI assistants has been shown to reduce code quality and security among developers.”

Continue Reading

Security Brief Asia - BeyondTrust launches Identity Security Insights solution for advanced intelligence

– BeyondTrust has announced the general availability of its Identity Security Insights solution. With the escalating complexity of cyber threats targeting identities and credentials, this solution aims to set a new standard in securing both human and non-human identities and privileges, providing organisations with visibility and advanced identity-first threat detection capabilities.

Continue Reading

Security Brief India - BeyondTrust launches Identity Security Insights solution for advanced intelligence

– BeyondTrust has announced the general availability of its Identity Security Insights solution. With the escalating complexity of cyber threats targeting identities and credentials, this solution aims to set a new standard in securing both human and non-human identities and privileges, providing organisations with visibility and advanced identity-first threat detection capabilities.

Continue Reading

Security Brief NZ - BeyondTrust launches Identity Security Insights solution for advanced intelligence

– BeyondTrust has announced the general availability of its Identity Security Insights solution. With the escalating complexity of cyber threats targeting identities and credentials, this solution aims to set a new standard in securing both human and non-human identities and privileges, providing organisations with visibility and advanced identity-first threat detection capabilities.

Continue Reading

Security Brief AU - BeyondTrust launches Identity Security Insights solution for advanced intelligence

– BeyondTrust has announced the general availability of its Identity Security Insights solution. With the escalating complexity of cyber threats targeting identities and credentials, this solution aims to set a new standard in securing both human and non-human identities and privileges, providing organisations with visibility and advanced identity-first threat detection capabilities.

Continue Reading

Company Director - Expert advice on Australia's cyber threat landscape

– In managing the risks posed by cybercrime, Scott Hesford says that directors should consider the reasonableness test when assessing their planned level of action. He says, “This is important because risk reduction steps that would be deemed reasonable today are very different from what they were 10 years ago. Different companies within an industry may also have different risk appetites.”

Continue Reading

Heat Treat Today – Cybersecurity Desk: Work-From-Home Cybersecurity Tips and Best Practices

– Separate your home and business networks: Separate your Wi-Fi network so company-approved devices will be separate. Even better, use a secure network and a company-issued Virtual Private Network (VPN) to access your business accounts. You can also use BeyondTrust for secure remote access. Home routers should always be updated to the current software version when it becomes available.

Continue Reading

IT Wire – Australian businesses rein in third-party remote access risks to IT and OT systems

– In this byline opinion article, Scott Hesford discussed that in today’s IT world, the need for third-party remote access has increased as IT environments become more distributed, consist of more managed or third-party hosted services, and often require ongoing input from the various providers to troubleshoot issues or perform upgrades. As a result, the adoption of secure remote access technology is now much higher on strategic agendas.

Continue Reading

Enterprise IT World MEA – Digital identities are on the rise with no end in sight; here’s the right way to protect them

– “ITDR is more of a discipline. By uniting the right technology capabilities and human skills, ITDR pinpoints the true threats, vastly reduces alert fatigue, and greatly increases an organization’s ability to fix critical security issues before they can be exploited. Traditional PAM delivered in combination with an identity-centric security model is the best approach to ITDR.”

Continue Reading

Cyber Security Connect – Op-Ed: Third-party risk management is fast becoming baked into business best practice

– In this byline opinion article, Scott Hesford says that Australian organisations have to police privileged access to their environments to a greater extent than ever before.Third-party risk management (TPRM) is considered a strategic priority by 85 per cent of businesses, up from 77 per cent pre-pandemic, according to research by KPMG International.

Continue Reading

Industrieanzeiger – Cyber Security: Highly Interconnected Companies Fight Back Against Cyber Attacks

– Recent research studies by security vendor BeyondTrust show that three out of four organizations have been impacted by an increasing number of cyber disruptions affecting their ICS/OT environments. In the electricity, oil, gas and manufacturing sectors, overall 89 percent of companies recorded serious cyber-attacks last year, disrupting production chains and energy supply.

Continue Reading

E3 magazin – People in June 2023

– BeyondTrust, leader in intelligent identity and access security, has a new Regional Vice President CEE with Jens Brauer. In this role, he will be responsible for the strategic direction of the sales organization as well as the team of sales, marketing and technical experts in the DACH region.

Continue Reading

Enterprise IT World MEA – Digital Identities are on the Rise with no End in Sight; Here’s the Right Way to Protect Them

– “When we unite IAM and PAM we bring back an element of control over the identity landscape, but to be cloud-ready means implementing new tools and working practices that can correlate all the signals received and discern actionable information from them. The security stack must include smart and integrated analytics capabilities for this purpose. What I have just described is identity threat detection and response.”

Continue Reading

LANline – Analytics Functionality for Threat Protection: New BeyondTrust Privilege Management Version (Germany)

– BeyondTrust, leader in intelligent identity and access security, has released version 23.4 of Privilege Management for Windows and Mac. The enterprise solution supports the enforcement of least privilege and granular application control. The new release equips the Analytics v2 reporting and analysis tool with new functions that improve threat protection against unknown applications. To accelerate and simplify IT operations, this version also automates the onboarding process of endpoints.

Continue Reading

Security MEA – Taking the Fight to Identity Thieves With ITDR

– “To replace siloed tools, we turn to something that is really more of a methodology than a product. We call it identity-threat detection and response (ITDR). We combine security tools and processes to allow us to zero in on suspicious in-session activity and respond to attacks as they happen. ITDR is able to do this through a deeper understanding of permissions, configurations, and the relationships between accounts. And this deeper understanding comes from uniting best-in-class solutions already available in the market.”

Continue Reading

GCN – 6 Steps to Securing Operational Technology in Critical Infrastructure

– Securing OT systems can be a complex and challenging task that requires a multifaceted approach, taking years to mature. But the benefits of discovering assets on the network, assessing exposure and risk and developing a comprehensive security plan that includes technical, administrative as well as physical controls, are well worth the time and investment.

Continue Reading

Software Observer | Medium – Top 5 IT-Support Software

– BeyondTrust provides secure enterprise tools around password and endpoint management, as well as secure remote access to corporate devices. Remote Support features include remote control and screen sharing, unattended access, annotations, file sharing, and camera sharing for mobile devices.

Continue Reading

Security Solutions - BeyondTrust Survey Finds 90% of Australian Enterprises Are Aligning Their Security Programs to the Essential Eight

– Ninety per cent of Australian organisations are planning to align their security programs to the Essential Eight, highlighting its momentum as fast becoming a de facto standard inclusion for cybersecurity strategies across the country. That’s according to a BeyondTrust survey conducted at last month’s AusCERT security conference by

Continue Reading

IT Wire - Australian enterprises taking on the Essentail Eight: survey

– A survey conducted by BeyondTrust at last month’s AusCERT conference has found that ninety percent of Australian organisations plan to align their security programs to the Essential Eight. However, the challenges in aligning with the Essential Eight include application control (63 percent), user application hardening (51 percent), patching (49%), and restricting admin privileges (44 percent).

Continue Reading

CXO DX – Lets take the fight to the identity thieves; introducing ITDR

– “Adoption of ITDR should be undertaken carefully. Because it is more a practice than a product, integration plays a significant role in implementation. Investments can easily be squandered if stakeholders do not pay due attention to the fundamentals. Before any detection or response can take place, organizations must claim back visibility and control of the hardware and software that comprise their identity infrastructure. This visibility and control must also apply to accounts themselves. Security personnel must be able to see at a glance all current access so they can sift out overprivileged accounts.”

Continue Reading

Security MEA – Does ChatGPT Pose Cybersecurity Risks?

– “As an AI language model, ChatGPT has the potential to pose certain security risks, although it’s important to note that these threats are contingent on misuse, not the technology itself,” says Karl Lankford, Regional Vice President, Solutions Engineering, BeyondTrust.”

Continue Reading

CXO Insight ME – De-risking the cloud

– “Every cloud asset needs at least one privileged account at some point in its lifecycle for creation, maintenance, and eventual decommissioning. Many of these privileged accounts are proliferating unseen, unmonitored, and unmanaged, presenting dangerous backdoors to the environment for threat actors. Therefore, asset management for identities and their associated accounts is a critical starting point for getting on top of this risk.”

Continue Reading

CXO Insight ME – Managing Insider Threat

– “By definition, an Insider Threat is an internal personal behaving as a threat actor. Regardless of the techniques they are using, they are not behaving in the best interest of the organization or government, potentially breaking the law, and exfiltrating information they do not have permission to possess,” says Morey Haber, Chief Security Officer, BeyondTrust.”

Continue Reading

ChannelBuzz – BeyondTrust Rolls out Next Generation Partner Program for Deeper Partner Engagement

– “We did a major channel program revision in 2021, but that was about harmonizing the four existing channel programs that had come through M&As,” said Rob Spee, SVP Global Channel & Alliances at BeyondTrust. “I was asked to build a next generation modern partner ecosystem for the cloud SASE era, involving partners who can not only sell but who can land and expand. So we had to expand the program to include different partner types in one program and with one agreement.”

Continue Reading

IT-Administrator – More and More Windows Vulnerabilities (German)

– The number of vulnerabilities in Microsoft systems is at a record high. This is the conclusion reached by BeyondTrust in its latest "Microsoft Vulnerabilities Report". The report is published in its tenth edition and breaks down Microsoft vulnerabilities by product and category. With a total of 1,292 vulnerabilities, this year's report has identified more vulnerabilities in Microsoft systems than ever before. For the third year in a row, elevated user privileges are among the highest security risks.

Continue Reading

ChannelLife UK: BeyondTrust expands Identity & Access Security platform

– "Securing identities and access is critical to combatting today's cyberthreats. We continue to invest in innovation to enable visibility and control of all identities and access pathways, detect advanced identity threats, and automatically remediate gaps and adjust policies," says Marc Maiffret, Chief Technology Officer, BeyondTrust.

Continue Reading

ChannelLife AU: BeyondTrust expands Identity & Access Security platform

– "Securing identities and access is critical to combatting today's cyberthreats. We continue to invest in innovation to enable visibility and control of all identities and access pathways, detect advanced identity threats, and automatically remediate gaps and adjust policies," says Marc Maiffret, Chief Technology Officer, BeyondTrust.

Continue Reading

Datatechvibe – Keep Your Secrets Safe by Combining their Management with PASM

– “There are four main reasons for wanting secrets management packaged with PASM. The first involves discovery and onboarding. If the two functions are part of one platform, visibility gaps are eliminated when trying to bring all the keys to the kingdom together. The second reason for unification is consistency when enforcing security policies. Separate platforms might see one rule for credentials normally managed by IT and another for those managed by security. Oversight of all privileged credentials should occur in a single pane, no matter who the designated overseer may be.”

Continue Reading

CXO DX – Towards stronger passwords

– “Since Covid, we truly have a work-from-anywhere world, and the cloud is ideal for situations when passwords need to be available outside of the organization, across multiple geographical locations, and when on-premise technology is incapable or cost-prohibitive for meeting business objectives and minimizing risk. On Password Management Day, consider the risks of remembering, sharing, documenting, and reusing passwords. Security best practices today have better methods, including password services in the cloud, to minimize the need to remember passwords.

Continue Reading

The Edge Singapore – Going password-less is a matter of (zero) trust

– In this article, Scott Hesford says that organisations need to understand that implementing zero trust is less of a destination and more of a never-ending journey as attackers are constantly finding new ways to attack the network. At the same time, organisations looking to maintain productivity and security need to start preparing for a future where user authentication transcends passwords.

Continue Reading

Channel 360 MEA – Better Be Safe, than Sorry!

– “Our brains are full of passwords and, often, we forget them, need to share them, and are forced to document them using unsecure methods like paper or spreadsheets. These insecure methods for sharing passwords have caused the press to report front page news articles on data breaches and compelled organizations to educate employees on the insecure methods for password storage and sharing. A better method to document passwords is needed that is highly secure, documents distributed access, and promotes sharing and collaboration with minimal risk—no matter where the access occurs.”

Continue Reading

it-daily.net – Study: Total Number of Microsoft Vulnerabilities at an All-Time High (German)

– BeyondTrust released its latest Microsoft Vulnerabilities Report. The tenth edition of the annual security study breaks down Microsoft's vulnerabilities by product and category. For the third time in a row, excessive user privileges are among the highest security risks. With a total of 1,292 vulnerabilities, this year's report has identified more vulnerabilities in Microsoft systems than ever before.

Continue Reading

Silicon.de – Study: Microsoft Vulnerabilities Reach All-Time High (German)

– “Microsoft has a high volume of vulnerabilities that we have seen increase over the last 10 years of our research,” said James Maude, Lead Security Researcher at BeyondTrust. “This report outlines many of the risks, and highlights the importance of timely patching alongside the removal of excessive administrative rights to mitigate the risks.”

Continue Reading

Security-Insider.de – BeyondTrust Microsoft Vulnerabilities Report 2023: Total Number of Microsoft Vulnerabilities Rises to All-Time High (German)

– “Microsoft has a high volume of vulnerabilities that we have seen increase over the last 10 years of our research,” said James Maude, Lead Security Researcher at BeyondTrust. “This report outlines many of the risks, and highlights the importance of timely patching alongside the removal of excessive administrative rights to mitigate the risks.”

Continue Reading

Forbes – Cybersecurity Implications of Juice Jacking for Businesses

– The concern is a cyber-theft tactic called “juice jacking.” Juice jacking is the exploitation of a device using a modified USB cable (dirty USB cable) and/or malware to compromise a device while it is charging. Since USB and Apple Lightning cables contain both power and data connections in the same cable and connector, the exploit leverages the data connections as the device attempts to synchronize data.

Continue Reading

Channel Insider – Privileged Access Management: The Ultimate Guide

– A noteworthy feature of BeyondTrust Password Safe is its SSH key management subsystem. The developers have incorporated secure SSH session keys into the security loop alongside account passwords. This ensures that SSH keys are stored securely and updated automatically. SSH sessions are recorded and logged similarly to sessions using other protocols and can be monitored in real time. Licensing is based on assets, not user count, which further sets it apart.

Continue Reading

IT Brief UK: Operating Models Increasingly Complex, Difficult to Secure - BeyondTrust

– BeyondTrust has announced the release of a new global survey, Identity Issues Impact Zero Trust Effectiveness. The report reviewed key findings from a research survey interviewing more than 300 participants across five continents and included security teams, IT professionals, and executives. Morey Haber, Chief Security Officer at BeyondTrust, comments, "Today's business operating models are highly complex, with remote employees accessing critical systems using dozens, and even hundreds of applications.

Continue Reading

IT Brief Asia: Operating Models Increasingly Complex, Difficult to Secure - BeyondTrust

– BeyondTrust has announced the release of a new global survey, Identity Issues Impact Zero Trust Effectiveness. The report reviewed key findings from a research survey interviewing more than 300 participants across five continents and included security teams, IT professionals, and executives. Morey Haber, Chief Security Officer at BeyondTrust, comments, "Today's business operating models are highly complex, with remote employees accessing critical systems using dozens, and even hundreds of applications.

Continue Reading

IT Brief NZ: Operating Models Increasingly Complex, Difficult to Secure - BeyondTrust

– BeyondTrust has announced the release of a new global survey, Identity Issues Impact Zero Trust Effectiveness. The report reviewed key findings from a research survey interviewing more than 300 participants across five continents and included security teams, IT professionals, and executives. Morey Haber, Chief Security Officer at BeyondTrust, comments, "Today's business operating models are highly complex, with remote employees accessing critical systems using dozens, and even hundreds of applications.

Continue Reading

IT Brief AU: Operating Models Increasingly Complex, Difficult to Secure - BeyondTrust

– The report reviewed key findings from a research survey interviewing more than 300 participants across five continents and included security teams, IT professionals, and executives. Morey Haber, Chief Security Officer at BeyondTrust, comments, "Today's business operating models are highly complex, with remote employees accessing critical systems using dozens, and even hundreds of applications.

Continue Reading

Security Brief UK — Operating models increasingly complex, difficult to secure - BeyondTrust

– The report reviewed key findings from a research survey interviewing more than 300 participants across five continents and included security teams, IT professionals, and executives. Morey Haber, Chief Security Officer at BeyondTrust, comments, "Today's business operating models are highly complex, with remote employees accessing critical systems using dozens, and even hundreds of applications.

Continue Reading

Security Brief Asia — Operating models increasingly complex, difficult to secure - BeyondTrust

– BeyondTrust has announced the release of a new global survey, Identity Issues Impact Zero Trust Effectiveness. The survey's research focused on understanding current identity and zero trust trends, adoption rates, incidents, solutions, challenges, and new areas of focus. The research also investigated the integration requirements and techniques for zero trust solutions and how they interact with other key business applications and systems.

Continue Reading

Security Brief NZ — Operating models increasingly complex, difficult to secure - BeyondTrust

– BeyondTrust has announced the release of a new global survey, Identity Issues Impact Zero Trust Effectiveness. The survey's research focused on understanding current identity and zero trust trends, adoption rates, incidents, solutions, challenges, and new areas of focus. The research also investigated the integration requirements and techniques for zero trust solutions and how they interact with other key business applications and systems. Syndicated to: Security Brief NZ, Security Brief Asia, Security Brief UK

Continue Reading

Security Brief AU: Operating Models Increasingly Complex, Difficult to Secure - BeyondTrust

– BeyondTrust has announced the release of a new global survey, Identity Issues Impact Zero Trust Effectiveness. The survey's research focused on understanding current identity and zero trust trends, adoption rates, incidents, solutions, challenges, and new areas of focus. The research also investigated the integration requirements and techniques for zero trust solutions and how they interact with other key business applications and systems.

Continue Reading

Swiss IT Reseller: BeyondTrust Appoints Jens Brauer

– Specializing in identity and access security solutions, BeyondTrust wants to expand its sales efforts and intensify its channel-first strategy. To this end, Jens Brauer has been welcomed on board as the new head of the DACH and Eastern Europe business. "Expanding our close cooperation with system houses and resellers will be crucial in order to jointly address the opportunities and challenges in a fast-growing and lucrative market segment," said Brauer.

Continue Reading

KBI Media – BeyondTrust Global Survey Provides Insights on Identity Issues Impacting Zero Trust Effectiveness

– BeyondTrust has announced the release of a new global survey, “Identity Issues Impact Zero Trust Effectiveness.” The survey’s research focused on understanding current identity and zero trust trends, adoption rates, incidents, solutions, challenges, and new areas of focus. The research also investigated the integration requirements and techniques for zero trust solutions and how they interact with other key business applications and systems.

Continue Reading

IT Wire – BeyondTrust Report Shows Frequency of Identity Incidents and Importance of Zero Trust Integration

– BeyondTrust's Identity Issues Impact Zero Trust Effectiveness survey found identity-related incidents are commonplace. Responses from more than 300 security teams, IT professionals, and executives in five continents revealed that 93 percent had an identity-related incident in the last 18 months, with 81 percent having at least two such incidents. More than 70 percent were still in the process of implementing a zero trust approach, and nearly all companies were using multiple vendors and products in their zero trust strategy.

Continue Reading

ChannelPartner – Focus on Channel First Strategy: Jens Brauer New Head of Sales at BeyondTrust (German)

– As Vice President CEE, Jens Brauer leads the business in the DACH region and Eastern Europe at BeyondTrust, a provider of identity and access security. "In particular, my personal emphasis is on intensifying BeyondTrust's channel-first strategy," emphasized Brauer. "Expanding our close cooperation with system houses and resellers will be crucial in order to jointly address the opportunities and challenges in a fast-growing and lucrative market segment."

Continue Reading

Find Biometrics – Maine Considers the BIPA Option: Identity News Digest

– Three more of BIO-key’s clients have opted to migrate their on-premises deployments of the company’s PortalGuard identity and access management solution to the cloud-based version, PortalGuard IDaaS. “In the cloud, IT leaders can easily right-size computing resources according to unique business requirements and cut wasteful spending,” explained BIO-key’s PortalGuard President, Mark Cochran. The news comes after IAM specialist BeyondTrust added PortalGuard to its Privileged Remote Access solutions portfolio last month.

Continue Reading

Dark Reading – Are Low-Code Apps a Ticking Access Control Time Bomb?

– And as he puts it, this is a feature that low-code development platforms are proud of and actively marketing because they enable productivity. But obviously from a security perspective it can quickly turn into a nightmare. It could undermine the integrity of role-based access controls, throw off user and entity behavioral analytics, and create huge compliance risks in the future, says Morey Haber, CSO for privileged access management firm BeyondTrust.

Continue Reading

Intelligent CISO – BeyondTrust Launches Zero Trust Authentication and Zero Trust Leadership Series of Events

– Bringing together industry-leading security technologies and integrators, Beyond Identity, Palo Alto Networks, CrowdStrike, Optiv, World Wide Technology, Guidepoint Security, BeyondTrust, Ping Identity and Climb Channel Solutions will enable organisations to move towards secure authentication designed to advance the Zero Trust strategies of global 5000 companies.

Continue Reading

CXO Insight ME: Do you trust your cloud?

– “Christopher Hills, Chief Security Strategist, BeyondTrust, says cloud mis-configuration or lack of configuration is still the leading attack vector. “That being said, there are many other element related to cloud breaches such as malicious insider, vulnerabilities, phishing access via social engineering, and lets not forget the leading cause of breaches in general, stolen and/or compromised credentials.”

Continue Reading

Becker’s Hospital Review – 121 Healthcare Cybersecurity Companies to Know | 2023

– BeyondTrust delivers cybersecurity solutions designed to reduce risks and act against internal and external data breach threats. The company offers an integrated risk intelligence platform to identify critical risks and provide information for the company. In the healthcare space, BeyondTrust's PowerBroker privileged account management solution enforces best practices; its Retina vulnerability management solutions allows the healthcare IT security team to identify exposure, analyze the business impact and conduct remediation.

Continue Reading

Security Review – The 5 Ways PAM Reduces Unix/Linux Attack Surfaces and Improves Compliance

– “The bottom line is that your business depends on the accuracy and privacy of the information you are entrusted with. Therefore, the value of managing the “who, what, where, when, how, and why” regarding access to your information technology cannot be underestimated. Privileged access management has numerous benefits that can solidify your information security. You would be wise to take advantage of this indispensable tool.”

Continue Reading

Bernama – 2023 Microsoft Vulnerabilities report reveals elevation of privilege as top vulnerability category

– The 2023 Microsoft Vulnerabilities Report released by BeyondTrust, the worldwide leader in intelligent identity and access security, has found that elevation of Privilege is the top vulnerability category for the third consecutive year. The report said that total Microsoft vulnerabilities rose to 1,292 hitting an all-time high since the report ten years ago.

Continue Reading

TechWire Asia – Can Microsoft Security Copilot provide better cybersecurity insights and fix vulnerabilities?

– Despite Microsoft’s advancements and the recent introduction of Microsoft Copilot, what hasn’t changed is vulnerabilities. BeyondTrust has unveiled the 2023 Microsoft Vulnerabilities Report. Celebrating its 10th anniversary, the report offers insights into the Microsoft vulnerability landscape. The report analyzes 2022 Microsoft vulnerabilities, emphasizing trends and prominent CVEs while detailing attacker exploitation methods and suggesting prevention or mitigation strategies.

Continue Reading

Economy ME – Businesses must brace for AI-powered attacks

– “In their recent cyberthreats report, Acronis predicts that artificial intelligence (AI) and machine learning (ML) will help fuel identity fraud and disinformation campaigns in the not so distant future. Christopher Hills, Chief Security Strategist, BeyondTrust believes that while AI isn’t yet capable enough to learn and replicate human behavior, recent advancements have put it to interesting use cases such as correctly predicting medical conditions based on symptoms. “Granted this is a good thing, but in the hands of a threat actor, AI could easily be leveraged for nefarious purposes,” warns Hills.”

Continue Reading

CRN – 2023 Partner Program: BeyondTrust: Designated 5-Star Award Recipient

– What are the most significant changes made to your partner program over the past year? We increased our focus on Service Delivery Partners (SDP) by establishing a Partner Success Organization charged with enabling partners to increase margins via implementation and other services. In addition, we added SDP, MSP and GSI tracks to our global partner program.

Continue Reading

Tech Trade Asia – BeyondTrust's new report discusses risks and mitigation for Microsoft vulnerabilities

– BeyondTrust, the worldwide provider of intelligent identity and access security, has released its 2023 Microsoft Vulnerabilities Report. Produced annually by BeyondTrust, the report analyses data from security bulletins publicly issued by Microsoft throughout the previous year. This 10th anniversary edition covers a decade of vulnerability insights, providing information to help organisations see into the past, present, and future of the Microsoft vulnerability landscape.

Continue Reading

Cybersecurity ASEAN – Elevation of Privilege remains #1 in BeyondTrust 10th Annual Microsoft Vulnerabilities Report

– BeyondTrust has announced the release of the 2023 Microsoft Vulnerabilities Report. This report is the 10th anniversary edition and covers a decade of vulnerability insights, providing valuable information to help organizations see into the past, present, and future of the Microsoft vulnerability landscape. Produced annually by BeyondTrust, The Microsoft Vulnerabilities Report analyzes data from security bulletins publicly issued by Microsoft throughout the previous year.

Continue Reading

Connect Channel — BeyondTrust: Access to Infrastructure and Integrated Secrets Management (German)

– BeyondTrust released new versions of BeyondTrust Privileged Remote Access and Password Safe which are available as a bundle. These releases offer expanded capabilities for developers, cloud ops and other technical staff to secure and manage access to critical systems in a user-friendly and efficient way. The solutions provide robust infrastructure access capabilities designed for modern cloud-native environments. These Privileged Remote Access and Password Safe releases advance capabilities beyond traditional PAM solutions.

Continue Reading

BioMetric — BIO-key, BeyondTrust team up to offer biometrics to improve remote access security

– BIO-key International, Inc., a provider of identity and access management solutions featuring ‘Identity-Bound Biometrics,’ has announced it is integrating its PortalGuard IDaaS platform with BeyondTrust, an intelligent identity and access security provider. The companies say this partnership between the two companies will provide improved remote access security and assurance that only authorized users can access essential systems, data and applications.

Continue Reading

IT Brief UK — BeyondTrust named one of the 'hottest privately held cybersecurity vendors'

– BeyondTrust, the intelligent identity and access security specialist, has announced that it has been named to JMP Securities Cyber 66. Janine Seebeck, CEO at BeyondTrust, says, "We are excited to be recognised by JMP Securities as a market-leading cybersecurity company addressing today's rapidly evolving threat landscape, which is creating a new urgency to achieving cybersecurity goals. BeyondTrust protects identities and critical access from security threats while creating operational efficiencies."

Continue Reading

IT Brief Asia — BeyondTrust named one of the 'hottest privately held cybersecurity vendors'

– BeyondTrust, the intelligent identity and access security specialist, has announced that it has been named to JMP Securities Cyber 66. Janine Seebeck, CEO at BeyondTrust, says, "We are excited to be recognised by JMP Securities as a market-leading cybersecurity company addressing today's rapidly evolving threat landscape, which is creating a new urgency to achieving cybersecurity goals. BeyondTrust protects identities and critical access from security threats while creating operational efficiencies."

Continue Reading

CXO DX – Towards cyber discipline

– A traditional Security Operations Center (SOC) is no longer a necessity in any enterprise or business. While some verticals would argue a centralized security model is necessary to monitor and manage threats, many organizations have taken this concept and adapted it to accommodate remote workers, managed services, and even blended the requirements with cloud, network, and other operations teams to manage environments holistically.

Continue Reading

GlobeNewswire - BIO-key and BeyondTrust Announce Integrated Partnership to Offer Identity-Bound Biometrics to Enhance Security for Privileged Remote Access

– BIO-key’s PortalGuard, integrated with BeyondTrust’s Privileged Remote Access solution that controls, manages, and audits the access of privileged employees, vendors, developers, and cloud ops engineers, now offers BeyondTrust customers a wide range of flexible authentication options, including Identity-Bound Biometrics (IBB).

Continue Reading

The Integrator – WiT – BeyondTrust

– Yasmine Sameh, Program Manager at BeyondTrust – In my role as a Program Manager at BeyondTrust, I’m responsible for managing a team of Implementation Managers/Project Managers and I’m also working on delivering complex programs/projects in EMEA region. I started my career in the Tech Industry in 2011, focusing on the data storage management projects for 6 years, then networking/telecommunications for 3 years and in 2020 I decided to explore cybersecurity because it is vital element of every successful program delivery to any organization.”

Continue Reading

IT Wire – Dealing with the shadow IT rebound

– In this byline opinion article, Scott Hesford discusses how organisations needs to understand what shadow IT is and the risks it represents before finding a path forward to mitigating its potential impact on an enterprise.

Continue Reading

ZDNET - Top 15 Password Management Best Practices (French)

– Nobody likes passwords, but we'll have to deal with it. Because, despite the predictions, the password is not dead. Attempts to replace it with biometric data, such as with facial recognition technology and fingerprints, have not been entirely satisfactory, so many are reverting to the good old (admittedly frustrating) password.

Continue Reading

Dynamic Business - Exclusive: Australian privacy reform gathers momentum with new report

– This article on Australia’s pending Privacy Act Reform includes comment from Scott Hesford who suggests that Australia may not need to write an entirely fresh collection of legally binding cybersecurity requirements for holding Personally Identifiable Information but we do need to ensure that we’re holding that data under the appropriate settings in accordance with recognised strategies such as the ASD Essential Eight.

Continue Reading

Security Brief NZ – BeyondTrust improves its privileged access management bundle

– BeyondTrust has announced new releases of its Privileged Remote Access and Password Safe and the availability of both products in a new bundle with value pricing. These releases introduce new, expanded capabilities for developers, cloud ops and other technical staff to secure and manage access to critical systems in a way that doesn't sacrifice ease of use or efficiency.

Continue Reading

Security Brief AU – BeyondTrust improves its privileged access management bundle

– BeyondTrust has announced new releases of its Privileged Remote Access and Password Safe and the availability of both products in a new bundle with value pricing. These releases introduce new, expanded capabilities for developers, cloud ops and other technical staff to secure and manage access to critical systems in a way that doesn't sacrifice ease of use or efficiency.

Continue Reading

Help Net Security – Video Walkthrough: Cybertech Tel Aviv 2023

– Help Net Security is in Israel for Cybertech Tel Aviv 2023, talking to the key players from the cybersecurity industry - like BeyondTrust - and businesses from a wide range of sectors, who gathered to exchange knowledge, to network, and learn about technological innovations and solutions for combating cyber threats.

Continue Reading
Prefers reduced motion setting detected. Animations will now be reduced as a result.