dcsimg

An ethical hack reveals endpoint security vulnerabilities

“Know thy enemy and know yourself; in a hundred battles, you will never be defeated.” ~ Sun Tzu, The Art of War Sun Tzu’s advice is as applicable in cyber security as it is in battle. He warns, “When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant both of your enemy and of yourself, you are sure to be defeated in every … [Read more...]

Least Privilege Examples, as told by the Three Ghosts of “A Christmas Carol”

With the holiday season upon us, it’s a good time to settle down with a beloved story. I re-watched the Charles Dickens classic, A Christmas Carol, the other day (well, actually it was Scrooged with Bill Murray, of course) and found myself thinking about the parallels with cyber security. Really, I did. In the story, Ebenezer Scrooge is first visited by the Ghost of Christmas Past. They watch … [Read more...]

How to Protect Your macOS Endpoints with Shift from KEXT to SYSEX

Cue music: Ch-Ch-Cha-Changes In recent macOS releases, Apple has been drawing attention to third-party software that uses technology like kernel extensions and system extensions. This technology allows users to install components or apps that extend the native capabilities of the macOS operating system. Apple’s deprecation of kernel extensions (KEXTs) and introduction of Endpoint Security Enabled … [Read more...]

How to Expedite Discovery of Service Accounts for Onboarding into Service Account Governance

Service accounts, by their nature, can take on a life of their own. They’re rarely tied to a human owner if managed at all, so service account sprawl takes over and organizations’ privileged account attack surfaces can expand almost beyond measure. And with almost all medium to large organizations unable to pull service accounts into a standardized governance cycle, there’s a ton of risk, too. The … [Read more...]

Integrating Service Account Management Within Existing IT Workflows

IT service management providers have made strides replacing collections of legacy tools with a single unified IT service management platform. However, there are still many aspects of IT administration that must be done manually outside of such unified platforms. Service account management is one task that is commonly cumbersome to IT administrators and those in need of service accounts … [Read more...]

Thycotic shifts the language used in products and materials to promote inclusivity

This moment in 2020 is a flashpoint in time. We hear calls for a number of changes to address the current political and cultural climate.  As a security software company, our engineers have seen a lot of discussion around the use of terminology in technology that may be perceived as racist. Is it appropriate to use the terms master and slave? Is it appropriate to say blacklisting and whitelisting? … [Read more...]

Privileged Access Management for Industrial IoT

The convergence of operational technology (OT) and information technology (IT) has propelled “Industry 4.0” into the spotlight as the next wave of the industrial revolution. The Industrial Internet of Things (IIoT) brings IT and OT together in industries such as manufacturing, logistics, smart buildings, utilities, and critical infrastructure. Companies that get IIoT right will have a distinct … [Read more...]

2020 Global State of Least Privilege Report

New Global Survey Reveals Why 20% of Organizations Fail When Implementing Least Privilege Cyber Security Thycotic partnered with Cybrary, the cyber security workforce online training platform, to conduct a global survey of IT professionals focusing on how organizations are implementing a least privilege strategy. A new report summarizing the survey results reveals important insights for anyone … [Read more...]

Thycotic Integrations provide opportunities to connect, control and secure

Privileged access management (PAM) is a critical piece of your security infrastructure. But we know it’s just one part of your infrastructure which also includes identity and access management platforms, multi-factor authentication systems, SIEM tools, IT ticketing systems, DevOps tools, and more. Just as single products that aren’t usable result in slow implementation and low adoption, solutions … [Read more...]

The robots are here. Actually, they’ve been here for a while

Every team across your organization is looking for ways to free up more time. In the past year, Robotic Process Automation (RPA) has exploded as a new way to remove tedious, repetitive tasks from the shoulders of humans and give them to—you guessed it—robots. RPA essentially creates a non-person account—a “bot”—that mimics the activities of a user. The bot accesses the user’s computer and … [Read more...]