© BeyondTrust 2019
Tom Scase – Senior Solutions Engineer
3rd April 2019
PAM: The critical missing piece in your security strategy
PRIVILEGED ACCESS MANAGEMENT CHALLENGES
Employees, vendors, and other insiders have unnecessary or excessive access to systems and data
OFFICE INFRASTRUCTURE
3rd PARTIES
ATTACKERS
VULNERABILITY MANAGEMENT
SECURE REMOTE ACCESS
SERVER LEAST PRIVILEGE
PASSWORD & SESSION MANAGEMENT
ENDPOINT LEAST PRIVILEGE
Improperly Managed Privileged Access and Accounts Put Your Organization At Risk
Risk by the numbers
• 62% of companies aren’t adequately tracking privileged access [4]
• 80% of breaches are the result of privileged account abuse or misuse [3]
• 9 OUT OF 10 vulnerabilities are associated with excess admin rights [1]
• 28% of breaches involve insiders [2]
1. 2018 Microsoft Vulnerabilities Report, BeyondTrust
2. 2018 Verizon Data Breach Investigations Report
3. 2018 Forrester Wave: Privileged Identity Management
4. 2018 Privileged Access Threat Report, BeyondTrust
Attack Surface Continues To Evolve
SaaS + Cloud Admins - Superuser Accounts - Database & Application Admins - Privileged End Users - Developers - Machine Password & Keys
DevOps
• DevOps and SecDevOps Tools
• Dynamic Virtual Environments
• Containers
• Microservices
Internet of Things
• Roaming workstations
• BYOD
• Cameras
• Sensors
• Printers
• Any device with embedded Internet connectivity
Cloud & Hybrid Cloud
• Cloud Management Platforms (AWS, Azure)
• Virtualized Environments (VMware, MSFT)
• Virtualized Machines (UNIX, Linux, Windows)
• SaaS Apps (Facebook, LinkedIn, Custom)
On-Premise
• Shared Administrator Accounts
• Desktops (Windows, Mac)
• Servers (Unix, Linux, Windows)
• Industrial Control Systems
• Security & Network Infrastructure
• Applications & Databases
• Machine Credentials (App to App)
• Hypervisors & Virtual Machines
Expansion of Privileged Accounts
Attackers Exploit These Vulnerabilities To Compromise IT Networks
STAGE 1: Perimeter Exploitation
Vulnerable accounts, systems, and uncontrolled remote access pathways are targeted
STAGE 2: Privilege Hijacking & Escalation
Compromised passwords are leveraged to hijack privileges
STAGE 3: Lateral Movement & Exfiltration
Limited visibility enables the compromise of other network resources
BeyondTrust Closes The Gaps
Identify and remediate vulnerabilities
Enforce least privilege
Limit access to sensitive assets
Eliminate shared accounts and passwords
Reduce default user privileges
Manage & monitor all privileged activities
Gain a holistic view of enterprise-wide security
Correlate and analyze behavior
Send alerts and contain threats
STAGE 1: Perimeter Exploitation
STAGE 2: Privilege Hijacking & Escalation
STAGE 3: Lateral Movement & Exfiltration
BEYONDTRUST INTEGRATED PAM PLATFORM
Defend against threats related to stolen credentials, misused privileges, and unwanted remote access, while empowering end users
BEYONDTRUST SOLUTIONS
Gain visibility and control over all privileged accounts, users, and access
Use Cases
• PROTECT PASSWORDS AND CREDENTIALS
• ELIMINATE EMBEDDED PASSWORDS IN APPS
• REMOVE ADMIN PRIVILEGES FROM USERS
• CONTROL APPLICATION USAGE
• REDUCE RISK FROM THIRD PARTY ACCESS
• SUPPORT USERS, DESKTOPS, AND DEVICES
• MEET COMPLIANCE MANDATES
Protect Passwords & Credentials
SHRINK YOUR ATTACK SURFACE AND REDUCE THE RISK OF A CYBER BREACH
PRIVILEGED ACCOUNT DISCOVERY
Find and onboard credentials quickly with insight on age and status
CENTRALIZED PASSWORD STORAGE
Manage, rotate, and randomize credentials for privileged accounts
BEYOND USER PASSWORDS
Manage credentials for service accounts, cloud services, SSH keys, and app to app access
CREDENTIAL INJECTION
Access endpoints directly without exposing plain text passwords
AUDIT & COMPLIANCE
Track and log privileged credential activity automatically and set granular permissions
Eliminate Embedded Passwords in Apps
CONTROL SCRIPTS, FILES, CODE AND EMBEDDED KEYS TO CLOSE BACKDOORS TO YOUR CRITICAL SYSTEMS
CREDENTIAL DISCOVERY
Find passwords and keys embedded in applications, scripts, and other code
CREDENTIAL REMOVAL
Eliminate embedded or hardcoded credentials and service accounts and replace them with REST API calls
EXTENSIVE REST INTERFACE
Leverage multi-language support, including C/C++, Perl, .NET, and Java
MONITORING & REPORTING
Log and audit application and other non-human credential activity
Remove Admin Privileges From Users
ENABLE USERS TO WORK PRODUCTIVELY WITHOUT ADMIN RIGHTS
PREVENT ATTACKS
Remove admin rights from all users to close gaps that lead to ransomware and malware propagation
ACHIEVE COMPLIANCE
Meet best practices for removing admin rights and whitelisting applications
IMMEDIATE SECURITY GAINS
Achieve fast time to value by removing admin rights quickly
VISIBILITY INTO USER ACTIVITY
Create a consistent audit trail with integrated session and file integrity monitoring
OPERATE EFFICIENTLY AT SCALE
Reduce helpdesk tickets, simplify maintenance, and enable an admin-free environment
Control Application Usage
IMPLEMENT A WHITELIST THAT WORKS IN AN ENTERPRISE
TRUST BASED WHITELISTING
Set flexible rules including automatic approval for advanced users and challenge-response codes
FLEXIBLE APPLICATION DEFINITIONS
Meet ALL use cases and scenarios
CLEAR & CUSTOMIZABLE MESSAGING
Improve the user experience by enabling branded messages to support access to previously unsanctioned software
COMPREHENSIVE APPLICATION SUPPORT
Cater to the needs of all users and tasks with support for a broad set of application types
Reduce Risk From Vendor Access
CONTROL AND MANAGE THIRD PARTY ACCESS TO YOUR NETWORK
SECURE REMOTE ACCESS
Provide third-party vendors with secure, reliable connections to access your network externally
ACCOUNT ROTATION
Rotate or reset vendor accounts automatically based on your specifications
ACCESS ELEVATION
Grant vendors temporary elevated access, or limited to certain timeframes
MONITORING
Log all session activity for a complete audit trail and real time reporting
Support Users, Desktops & Devices
QUICKLY ACCESS AND FIX ANY DEVICE OR DESKTOP, ANYWHERE, ON ANY PLATFORM
SECURE REMOTE SUPPORT
Provide fast remote assistance to any desktop, server, or mobile device with screen sharing and remote control
MONITORING
Log all session activity for a complete audit trail, with real time reporting
CHAT SUPPORT
Increase support staff productivity and end user satisfaction
REMOTE CAMERA SHARING
Perform remote support on anything your customer can see, including hardware and peripherals
INTEGRATIONS
Maximize existing investments with CRM and ITSM tools and password management solutions
Meet Compliance Mandates
SATISFY AUDIT AND COMPLIANCE REQUIREMENTS QUICKLY AND EFFECTIVELY
GRANULAR PERMISSIONS
Assign permissions individually or through group policies for privileged users & IT vendors
AUDITING & MONITORING
Log all session activity for a complete audit trail with real time reporting
PASSWORD PROTECTION
Enforce password policies and automatically rotate passwords
ENCRYPTION
Secure all communications between the user and the remote systems using TLS 1.2 encryption
TWO FACTOR AUTHENTICATION
Utilize native 2FA or integrate with your existing solution
BEYONDTRUST PRODUCT PORTFOLIO
The broadest set of privilege security capabilities available in one platform
Products
• VULNERABILITY MANAGEMENT
• PASSWORD SAFE
• ENDPOINT PRIVILEGE MANAGEMENT
• SECURE REMOTE ACCESS
• CHANGE AUDITING
Vulnerability Management
IDENTIFY, PRIORITIZE & REMEDIATE VULNERABILITIES & INFORM PRIVILEGE DECISIONS WITH RISK INSIGHTS
Powered by PowerBroker
ZERO GAP COVERAGE
Discover and assess any IT resource in the organization including network, web, mobile, cloud and virtual infrastructures in every lifecycle phase, from assessment to remediation
DEEP REPORTING & ANALYTICS
Utilize a single dashboard to ensure that all teams have the information they need to effectively manage application and asset risk
INTEGRATED SCANNING
Retrieve credentials with the highest level of privileges through native integration with Password Safe
RISK IN CONTEXT
Provide a holistic view of enterprise-wide security, including risk from users, accounts and their privileges, and other security solutions such as SIEMs and firewalls
Password Safe
ENABLE UNIFIED PASSWORD & SESSION MANAGEMENT
Powered by PowerBroker
DISCOVERY & AUTOMATED ACCOUNT ONBOARDING
Scan, identify and profile all assets and accounts
ADVANCED THREAT ANALYTICS & REPORTING
Correlate anomalous behavior against a baseline and compare user activity against asset vulnerability data
ENHANCED SESSION MONITORING & MANAGEMENT
Provide full session recording and real-time visibility into privileged user behavior
TURNKEY DEPLOYMENT
Enable fully hardened appliance (OS, application, database) with packaged updates for maintenance with a single interface to configure and manage solution
Endpoint Privilege Management
ELIMINATE UNNECESSARY PRIVILEGES & ELEVATE RIGHTS TO WINDOWS, MAC, UNIX, LINUX & NETWORK DEVICES
Powered by Defendpoint
COMPLETE PLATFORM COVERAGE
Protect Windows, Mac, Linux, Unix, and network devices as well as Cloud, IoT, DevOps endpoints
QUICK START
Leverage immediate out-of-the-box deployment model and reference best practice architectures for rapid deployment
GRANULAR APPLICATION CONTROL
Enforce least privilege and whitelisting on all platforms, and provide advanced control and audit of commands, files, and scripts across Linux/Unix
FLEXIBLE EXCEPTION HANDLING
Unrivalled fully customizable, gated access messaging providing the right balance of end user flexibility and security
Secure Remote Access
SECURE AND CONTROL PRIVILEGED REMOTE ACCESS FOR INSIDERS & VENDORS
Powered by Bomgar
SECURE BY DESIGN
Enable a single tenant appliance architecture, with a unique URL and customized portal, comprehensive authentication methods, and role based policy management
BUILT FOR THE SERVICE DESK & VENDOR ACCESS
Connect from anything, to anything, with comprehensive features designed to maximize productivity – no VPN required
FLEXIBLE DEPLOYMENT & LICENSING OPTIONS
Select on premise (physical/virtual), SaaS or private cloud deployment and perpetual or subscription concurrent licensing
INTEGRATED WITH PASSWORD & SESSION MANAGEMENT
Retrieve privileged credentials automatically when accessing target systems, with no need for users to view plain text passwords
Change Auditing
GAIN REAL-TIME AUDITING & RECOVERY FOR WINDOWS ENVIRONMENTS
Powered by PowerBroker
AUDIT & ALERT
Audit the who, what, where and when of changes and alert to those changes, including Active Directory, file systems, Exchange, SQL and NetApp
RECOVER & ROLLBACK
Provide rollback and restore of any Active Directory changes or deletions, and backup and restore of Group Policy, protecting the business from downtime
DISCOVER & ENFORCE
Deliver entitlement reporting, ensuring that users have access to the resources – and only those resources – they need to do their jobs
SINGLE MANAGEMENT CONSOLE
Centralize auditing, reporting and recovery into a single web-based interface, with more capabilities than native tools and a unified view of changes
Ecosystem Integration
MAXIMIZE YOUR EXISTING IT INVESTMENTS
• PlugIns
• Service Management
• Threat Analytics
• Vulnerability Management
• Identity Governance
• SIEM & GRC
• Identity Access Management
• Cloud
• DevOps
The BeyondTrust Advantage
BROADEST SET OF PRIVILEGED ACCESS CAPABILITIES IN THE INDUSTRY
• All from one company, with the combination of BeyondTrust, Bomgar, Avecto, and Lieberman Software in 2018
FLEXIBLE, EXTENSIBLE PLATFORM
• Designed to simplify integrations, enhance user productivity, and maximize investments
HISTORY OF INNOVATION
• 30+ years of privilege security “firsts”, an expansive roadmap, and an extensive partner community around the world
BeyondTrust Is An Industry Leader
• Forrester PIM Wave 2018
• Gartner PAM Magic Quadrant 2018