Attackers, both internal and external, exploit privileged accounts in multiple ways. Attackers use privileged accounts to bypass controls, cover the tracks of an attack, improperly access confidential data, install malware, and make changes that impact system and data security.
Proper auditing of privileged account use can help uncover inappropriate privileged account use, and can also provide part of the check-and-balances required for compliance with IT security standards like PCI and HIPAA. Enterprise grade Unix and Linux distros provide similar auditing capabilities through Linux Audit, AIX Audit, Solaris Audit, BSD Security Event Auditing, etc.
In this on-demand webinar, Security Expert, Gary Patterson who will demonstrate: