Tag: Privileged access management
March 20, 2024 |
5 Steps to Auditing Administrator Access Rights
Accounts with administrative and elevated privileges are necessary for both business and IT functions, but they represent a significant risk to your organization. In the hands of a careless or malcontent insider or an adversary, privileged credentials open the door to data breaches, infrastructure...
December 18, 2023 |
Steps to Control Local Admin Rights
IT pros need local admin rights on corporate devices to install software, modify configuration settings, perform troubleshooting and so on. But all too often, business users are also routinely granted local admin rights on their computers.
While giving users these rights can be convenient, it...
June 2, 2023 |
Zero Trust: The Case for Just-in-Time Access
Traditional IT security models focused on one thing: keeping the bad guys out the network. Anyone inside the network was physically in the corporate office and logged on to a machine set up and managed by the IT team, so they were trusted implicitly.
Handpicked related content:
[Free...
June 2, 2023 |
How to Contain a Privileged Access Breach Quickly and Effectively
If an adversary manages to gain control of a privileged account in your network, you may face serious consequences, including costly data loss, prolonged downtime, customer churn, and legal and compliance penalties.
This blog explains how to build an effective incident response plan that can...
June 2, 2023 |
Identity Management vs. Access Management
Identity management and access management are often combined into identity and access management (IAM). IAM is intended to improve security by ensuring that only authorized entities (such as people, computers, applications) have access to corporate resources, and that they are permitted to access...
March 10, 2023 |
EMC File Activity Monitoring
In this blogpost, we will take a close look at file access auditing on an EMC Isilon file system by leveraging native technologies. We will walk through the configuration process and explore the common challenges faced when working with the resultant audit logs.
Handpicked related...
February 6, 2023 |
Cutting Down the AD Red Forest
Microsoft recently updated its guidance for how organizations should approach privileged access in Active Directory (AD). A key component is shifting from the tiered access model (TAM) and the Enhanced Security Admin Environment (ESAE) (also known as the Active Directory Red Forest) to the...
November 18, 2022 |
Internal Reconnaissance Protection using NetCease and SAMRi10
What is Internal Reconnaissance?
Internal reconnaissance is one of the first steps an attacker will take once they have compromised a user or computer account in your network. Using various tools or scripts, they enumerate and collect information that will help them identify what assets they...
November 14, 2022 |
How To Hide API Keys, Credentials and Authentication Tokens on Github
Back in 2018, GitHub celebrated 100 million open source repositories, and it has only been growing since then. How can you make sure your sensitive credentials and authentication tokens aren’t exposed to access by the public?
Handpicked related content:
[Free Guide] Privileged Access...
October 13, 2022 |
Securing Your Group Managed Service Accounts
Group Managed Service Accounts Overview
The traditional practice of using regular user accounts as service accounts puts the burden of password management on users. As a result, the account passwords often stay the same for years — which leaves them highly susceptible to brute force attacks and...