Upload
lindsay-marsh
View
45
Download
2
Embed Size (px)
Citation preview
EMPLOYEES AND OTHER INSIDERS
HAVE UNNECESSARY ACCESS
Employees, vendors and other insiders are often given
excessive access to systems and data – and that access
can go unmonitored.
Source: Verizon 2016 Data Breach Investigations Report
6
82% of cases in the report show compromises happening in minutes.
68% of the time, data exfiltration happens in a matter of days.
Privilege abuse was behind 66% of insider misuse incidents.
Source: Verizon 2016 Data Breach Investigations Report
CREDENTIALS ARE SHARED
AND UNMANAGED
Passwords are created and shared, but aren’t audited,
monitored or managed with discipline or accountability.
7
IT ASSETS COMMUNICATE
UNCHECKED
Desktops, laptops, servers and applications communicate and
open paths to sensitive assets and data.
Source: Verizon 2016 Data Breach Investigations Report
50% of all exploitations from system vulnerabilities happen 10-100 days after
the vulnerability is published, with the median around 30 days.
8
Basics – The Interface
3
2
1
1. Enter the target range
you wish to scan
2. Enter credentials that
will allow it to discover
3. Start the
scanning/discovery
process
Using the tool – Step 2
Under each tab, enter scan
credentials
• Windows Passwords
• SSH Passwords
(may be elevated)
• SSH Public Keys
(may be elevated)
The Results – What Next?
The results screen displays
data about discovered
systems and accounts
Actions:
• HTML Report
• Excel Analysis
• XML export to Password
Safe
Try Privilege Discovery and Report Tool (DART) for free!
• Discover: Finds and enumerates user accounts, all local
accounts, SSH keys, Windows and Linux groups, default
and hard-coded passwords, etc.
• Profile: Displays high level metrics such as password age
on credentials, accounts, and assets in a dashboard-type
view
• Report: Creates an HTML-based report, Excel report, and
can export data into XML which can be used to import
later into Password Safe
https://www.beyondtrust.com/free-privilege-discovery-reporting-tool
Privilege DART is a free tool that reveals elevated privileges on Windows, Mac, Linux
and Unix systems throughout your organization.