Upload
jose-luis-balbiano
View
79
Download
0
Tags:
Embed Size (px)
Citation preview
1
Introducing CyberArkSecurity for the Heart of the Enterprise
Presentación preparada por
Carolina Bozza
5
Privileged Accounts Create a Huge Attack Surface
Privileged
AccountsSystem
Administrators
3rd Party & Service
Providers
Select Business
Users
Social Networking
Account
Managers
Applications
• Privileged accounts exist in every connected device,
database, application, industrial controller and more!
• Typically a ~3X ratio of privileged accounts to employees
6
Layers of Security in the Digital Vault
Vault Safes
Tamper-Proof
Auditability
Comprehensive
Monitoring
Segregation of
Duties
Firewall Authentication
Hierarchical
Encryption
Session
Encryption
7
Network Devices
Servers Mainframes
Databases Applications
Security Appliances
Websites/ Web Apps
Cloud Infrastructure
Enterprise Password Vault (EPV)
Enterprise Password Vault Enterprise Resources
Secure Storage
Password Rotation
*****
End Users
PVWA
8
Servers Mainframes
Databases Applications
Cloud Infrastructure
SSH Key Manager
SSH Key Manager Unix/Linux ResourcesEnd Users
PVWA
Secure Storage
Key Rotation and Distribution
Pub.Priv.
9
Network Devices
Servers Mainframes
Databases Applications
Security Appliances
Websites/ Web Apps
Cloud Infrastructure
Privileged Session Manager (PSM), Layered with EPV
Privileged Session Manager Enterprise ResourcesEnd Users
PVWAPrivileged Session
Manager
10
Network Devices
Servers Mainframes
Databases Applications
Security Appliances
Websites/ Web Apps
Cloud Infrastructure
Secure Storage
Password Rotation
*****
Type System
Accounts Receivable
CRM
HumanResources
Online Booking System
Application Identity Manager (AIM)
Application Identity Manager Enterprise ResourcesApplications
WebSphere
WebLogic
IIS / .NET
Legacy / Homegrown
UserName = “app”Password = “y7qeF$1”Host = “10.10.3.56”ConnectDatabase(Host, UserName, Password)
UserName = GetUserName()Password = GetPassword()Host = GetHost()ConnectDatabase(Host, UserName, Password)
11
Unix Linux
Target Resources
Windows Server
Windows PC OS
On-Demand Privileges Manager (OPM)
On-Demand Privileges ManagerEnd Users
3. Validate policy
4. One-time access granted
Limit User Privileges:
• Standard privileges
• Permitted elevated privileges
• Blocked privileges
1. Elevated privilege request sent
2. Authenticate user
12
Privileged Threat Analytics
Normal
Abnormal
ALERT:SIEM & CyberArk
Behavioral Analysis
SIEM Solutions
Login Data
Target System Data
GOALS:
• Find the signal in the noise.
• Enable the SOC to instantly locate the most serious alerts.
Behavioral Analysis: Self-learning statistical model based on a combination of patented algorithms, login data, and target system data gathered from inbound SIEM integrations.
13
CyberArk’s Privileged Account Security Solution
Enterprise
Password
Vault®
Privileged
Session
Manager®
Application
Identity
Manager™
On-Demand
Privileges
Manager™
Management Portal/Web Access
Master Policy
Secure Digital Vault™
Privileged Threat Analytics
Shared
Technology
Platform
Proactive
Controls,
Monitoring &
Management
Behavioral
Analytics
Protect Detect Respond
SSH Key
Manager