Privilege Manager 11: New privilege management capabilities for Unix and Linux

With the latest release of Privilege Manager, all endpoints and servers throughout your organization can now follow consistent least privilege and Zero Trust policies, whether they are Windows, Mac, or Unix/Linux. Until now, privilege security for Unix/Linux has been cumbersome and even risky.  Unix/Linux has become the go-to operating system for many types of computer hardware. The applications … [Read more...]

Defense-in-depth with Overlapping Rings of Endpoint Security

Defense-in-depth with overlapping rings of endpoint security When a cyber criminal wants to break into your network, the number one way they succeed is by attacking endpoints. Cyber criminals break into one endpoint and then use the passwords found there, and the privileges they provide, to move laterally from the endpoint onto your network. Endpoint Privilege Management (EPM) can keep exploits … [Read more...]

Enterprise Endpoint Management is a must when all users are privileged users

A newly released eBook, The Definitive Guide to Endpoint Privilege Management (EPM), makes a strong case for why vulnerable endpoints must be secured from the perspective that all users are privileged users. In the guide’s Foreword, I emphasize that user identity has become the new “perimeter” of cyber security. That’s because a single compromised credential on a home desktop, laptop, or mobile … [Read more...]

An ethical hack reveals endpoint security vulnerabilities

“Know thy enemy and know yourself; in a hundred battles, you will never be defeated.” ~ Sun Tzu, The Art of War Sun Tzu’s advice is as applicable in cyber security as it is in battle. He warns, “When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant both of your enemy and of yourself, you are sure to be defeated in every … [Read more...]

Hardening Windows Endpoints Against Cyber Attack: Part II

In Part I of the blog series, Hardening Windows Endpoints Against Cyber Attack, I covered the first three steps of an ethical hack. Step 0: Pre-Engagement Step 1: Passive Recon Step 2: Active Recon Now the run really begins. In this blog post, you’ll learn how to put all the knowledge you gained during the planning and reconnaissance steps into action. Let’s walk through the next steps: Step 3: … [Read more...]

Least Privilege Examples, as told by the Three Ghosts of “A Christmas Carol”

With the holiday season upon us, it’s a good time to settle down with a beloved story. I re-watched the Charles Dickens classic, A Christmas Carol, the other day (well, actually it was Scrooged with Bill Murray, of course) and found myself thinking about the parallels with cyber security. Really, I did. In the story, Ebenezer Scrooge is first visited by the Ghost of Christmas Past. They watch … [Read more...]

Hardening Windows Endpoints Against Cyber Attack: Part I

To secure Windows endpoints against cyber attacks, it helps to think like a cyber criminal. Cyber criminals look for the cheapest, fastest, stealthiest way to achieve their goals. Windows endpoints provide many opportunities to gain entry to IT environments and access to sensitive information. As part of the ethical hacking community, my ultimate goal is to help you secure your organization. … [Read more...]

How to Protect Your macOS Endpoints with Shift from KEXT to SYSEX

Cue music: Ch-Ch-Cha-Changes In recent macOS releases, Apple has been drawing attention to third-party software that uses technology like kernel extensions and system extensions. This technology allows users to install components or apps that extend the native capabilities of the macOS operating system. Apple’s deprecation of kernel extensions (KEXTs) and introduction of Endpoint Security Enabled … [Read more...]

Every system is a privileged system: Incorporating Unix/Linux in your privilege management strategy

Lately we’ve been banging the drum that “every user is a privileged user,” meaning privileged users aren’t limited to system administrators but also include business users with access to applications and endpoints linked to critical business data and functions. The second verse to that refrain is that “every system is a privileged system.” Within your IT environment, laptops, servers, databases, … [Read more...]

Bring to Light the Security Risks of Web Applications run by Shadow IT

A quiet proliferation of SaaS and web applications and infrastructure with web-based interfaces is taking place throughout your organization. These applications are often essential to business, financial, and technical users. Yet, security and operations folks who are tasked with safeguarding your entire IT environment are likely unaware of the breadth of applications in use. Even when they are … [Read more...]