Active Authentication to Protect IT Assets - Onion ID

ACTIVE AUTHENTICATION FOR INFRASTRUCTURE

HELLO! I am Anirban Banerjee. I am the Founder and CEO of Onion ID.
https://calendly.com/anirban/enterprise-demo/

THE STATUS QUO
CHALLENGES AND THREATS
GOING FORWARD

THE STATUS QUO
4

IT INFRASTRUCTURE
TODAY
Laptops
In house servers
Cloud servers
Mobile devices
Containers
Network equipment

WHO IS ACCESSING
Devops IT
Developers Shadow IT Bloggers Marketing
Automated Software Deploy and Build software Vendors and 3rd parties

THE STATUS QUO
Usernames/ passwords
SSH Keys
Helps login automatically
IP filters
Only talk to certain computers
VPNs
Some Security
Encrypted traffic

CHALLENGES AND THREATS

CHALLENGES
IT Outsourcing

CHALLENGES
Inflexible Multiple dev teams Geographically distributed Shadow IT High Velocity Changes IaaS/Paas via
APIs AWS, Rackspace, Docker All types of web apps Employee churn Compliance and Audits Attack surface has changed Horizontal attacker movement Vertical privilege escalation

THE THREAT LANDSCAPE
Horizontal and Vertical Attacker Movement

GOING FORWARD

ACTIVE AUTHENTICATION
CAN HELP
Concept of least privilege Risk score everything Every command is analyzed Learn, Match, Act, Update

WHAT TO LOOK FOR AND WHAT
TO DO
Usually never runs visudo /etc/shadow high risk COMMANDSBEING
RUN
Where are you connecting from, time, # of connections
CONNECTIONSTATISTICS
Risk score every command: White, Grey, Black EVERYCOMMAND
ISANALYZED
Invisible 2FA for Grey, Physical 2FA for Black TAKEACTION
Apache Spark, Pykit Sci, SSH proxies TOOLS

COMPLIANCE
PCI DSS, HIPAA, FedRamp, FFIEC, SOX, SOC I,II Legal consequences Provide proof of controls Keep the board informed Use tools for reporting, automate

BEST PRACTICES
SSH Key rotations Device fingerprinting Credential rotations for VPN MAC address pinning Review logs regularly Audit user accounts

CONTINUOUS IMPROVEMENT
Your system needs to keep learning
Think about rule based approach, dont obsess
Follow good login hygiene
Use DNS instead of nailed IPs
Audit shadow IT accounts

Connect with us
18 calendly.com/anirban/enterprise-demo/ Free Trial on OnionID.com [email protected] 1-888-315-4745 Twitter - @onion_id Connect with us on FB or Linkedin
We will be posting these slides
Feedback is very welcome
https://calendly.com/anirban/enterprise-demo/

THANK YOU! Any questions? You can find more about us at: Onion ID Privilege Management in 60 Seconds www.onionid.com , [email protected] Tel: +1-888 315 4745

Active Authentication to Protect IT Assets - Onion ID

Documents

Transcript of Active Authentication to Protect IT Assets - Onion ID

Protect your mobile apps with Modern Authentication and Microsoft Intune · PDF file Authentication and Microsoft Intune . Objectives. Stay innovative Collaborate Protect data Work

proven. trusted. · PDF file Ultra-strong authentication to protect network access and assets ESET Secure Authentication provides powerful authentication to make remote access to the

Information Assurance (IA) - Measures that protect and defend information and information systems by ensuring their availability, integrity, authentication,

Ultra-strong authentication to protect network ... Ultra-strong authentication to protect network access and assets ESET Secure Authentication provides powerful authentication to make

Pakistan onion: the informal regulation of the onion

Onions Powder Making, - ... How to Make Onion Powder, Onions Powder Making, Onion Processing Introduction The onion, also known as the bulb onion or common onion, is used as a vegetable

Advanced Authentication - Administration ... Advanced Authentication is a multi-factor authentication solution that enables you to protect your sensitive data by using a more advanced

Privacy Preserving Technology - pcpd.org.hk Onion Router (TOR) •Protect your anonymity when browsing the web –against web sites tracking –against traffic analysis ... Carol CHAN

For · PDF file Customer Testimonials ... Studio is designed for secure project collaboration, utilizing encryption and authentication protocols to protect your documents. Session

Advanced Security for Industrial Networks · PDF file Advanced Security for Industrial Networks Redefining visibility, authentication and access to protect mission-critical networks

User Guide RSA SecurID Token Requests · PDF file RSA SecurID is a multi-factor authentication technology that is used to protect network services. The RSA SecurID authentication mechanism

Authentication Without Authentication

Chapter 6 Authenticating People. FIGURE 6.0.F01: Authentication to protect computer resources

HILLCOUNTRYgato-docs.its. Audubon Society: National Audubon Society: Texas Barton Springs and Onion Creek ... North American Lake Management Society (NALMS) Protect Lake Travis Association

ïµ Authentication o Something you know (password) o Something you have (smartcard) o Something about you (iris scan) ïµ Password authentication o To protect

Ultra-strong authentication to protect network access and ... · PDF file ESET Secure Authentication provides powerful authentication to make remote access to the company network and

Email authentication methods to protect your brand or domain reputation

Cloud Protection & Licensing Solutions - Protecting Your On ... ... Your company has chosen SafeNet Authentication Service Cloud Managed Authentication Service to help you protect

SysInfoTools PDF Protect & Unprotect v3 · PDF fileSysInfoTools PDF Protect & Unprotect v3.0 9 Our Sales team will receive your email and send you the Authentication Code with License

Think like an Attacker to Protect against Data Breach · PDF file 2019-10-23 · Enumerating subdomains. Public facing without muti-factor authentication. Why multi-factor authentication