Reducing Your MITRE ATT&CK Surface by Denying Admin Authority

Get Instant Access to this Content

Learn more about how to secure your business from threats in places you didn't even know existed.

What happens when you deny attacks privileged access? Using MITRE ATT&CK to answer that question is eye opening.

MITRE ATT&CK is such a valuable resource for organizing your thoughts around cyber security. As I was perusing ATT&CK techniques the other day I was struck by how many of them have a pretty hefty prerequisite: admin authority. This has important implications.

ATT&CK can be overwhelming sometimes when you look at it as a big buffet of methods the bad guys can choose from. But let’s not forget that we can exercise some control over which ATT&CK techniques are available. We can actively deny capabilities or at least significantly raise the difficulty for gaining them in our environments.

The key is to analyze techniques with regard to their prerequisites. Right now, ATT&CK doesn’t really contemplate pre-requisites so that makes this a great real training for free topic.

In this technical education event, I’ll take one key pre-requisite – privileged access – and we’ll identify ATT&CK techniques that can be mitigated or completely denied to attackers as long as you keep them from gaining admin or root level authority.

Then Jason Silva from BeyondTrust, our sponsor, will briefly show you how their technology helps you overcome the challenges of implementing least privilege and allowing users to get their jobs done productively while denying attacks what they most need.

Watch Product Demos

Buyer's Guide for Complete PAM

Gartner® Magic Quadrant™ for PAM

See what customer success looks like

Find a Partner

Leader in Privilege-Centric Identity Security

Watch Product Demos

Reducing Your MITRE ATT&CK Surface by Denying Admin Authority

Get Instant Access to this Content

Products

Solutions

Resources

Free Tools

Customers

Partners

About