BeyondTrust and TAG Company Srl - brain-it.it · 3. 2018 Forrester Wave: Privileged Identity...
© BeyondTrust 2019
2019
Eylam Tamary
BeyondTrust and TAG Company Srl
REDUCE DATA BREACH RISKS WITH AN INTEGRATED PAM PLATFORM
Carlo De Luca
Business Partner
PRIVILEGED ACCESS MANAGEMENT CHALLENGES
Employees, vendors, and other insiders have unnecessary or excessive access to systems and data
OFFICE INFRASTRUCTURE
3rd PARTIES
ATTACKERS
VULNERABILITY MANAGEMENT
SECURE REMOTE ACCESS
PASSWORD & SESSION MANAGEMENT
SERVER LEAST PRIVILEGE
ENDPOINT LEAST PRIVILEGE
Improperly Managed Privileged Access and Accounts Put Your Organization At Risk
Risk by the numbers
• 62% of companies aren’t adequately tracking privileged access [4]
• 80% of breaches are the result of privileged account abuse or misuse [3]
• 9 out of 10 vulnerabilities are associated with excess admin rights [1]
• 28% of breaches involve insiders [2]
Sources:
1. 2018 Microsoft Vulnerabilities Report, BeyondTrust
2. 2018 Verizon Data Breach Investigations Report
3. 2018 Forrester Wave: Privileged Identity Management
4. 2018 Privileged Access Threat Report, BeyondTrust
Attack Surface Continues To Evolve
SaaS + Cloud Admins - Superuser Accounts - Database & Application Admins - Privileged End Users - Developers - Machine Password & Keys
DevOps
• DevOps and SecDevOps Tools
• Dynamic Virtual Environments
• Containers
• Microservices
Internet of Things
• Roaming workstations
• BYOD
• Cameras
• Sensors
• Printers
• Any device with embedded Internet connectivity
Cloud & Hybrid Cloud
• Cloud Management Platforms (AWS, Azure)
• Virtualized Environments (VMWare, MSFT)
• Virtualized Machines (UNIX, Linux, Windows)
• SaaS Apps (Facebook, LinkedIn, Custom)
On-Premise
• Shared Administrator Accounts
• Desktops (Windows, Mac)
• Servers (Unix, Linux, Windows)
• Industrial Control Systems
• Security & Network Infrastructure
• Applications & Databases
• Machine Credentials (App to App)
• Hypervisors & Virtual Machines
Expansion of Privileged Accounts
Attackers Exploit These Vulnerabilities To Compromise IT Networks
STAGE 1: Perimeter Exploitation
Vulnerable accounts, systems, and uncontrolled remote access are targeted
STAGE 2: Privilege Hijacking & Escalation
Compromised passwords are leveraged to hijack or elevate unmanaged credentials or excessive privileges
STAGE 3: Lateral Movement & Exfiltration
Limited visibility enables the compromise of other network resources
BeyondTrust Closes The Gaps
Identify and remediate vulnerabilities
Enforce least privilege
Limit access to sensitive assets
Eliminate shared accounts and password sharing
Reduce default user privileges
Monitor all privileged activities
Gain a holistic view of enterprise-wide security
Correlate and analyze behavior
Send alerts and contain threats
STAGE 1: Perimeter Exploitation
STAGE 2: Privilege Hijacking & Escalation
STAGE 3: Lateral Movement & Exfiltration
BEYONDTRUST INTEGRATED PAM PLATFORM
Defend against threats related to stolen credentials, misused privileges, and unwanted remote access, while empowering end users
BeyondTrust Is An Industry Leader
• Forrester PIM Wave, 2018
• Gartner PAM Magic Quadrant, 2018
• Forrester VRM Wave, 2018
MILLIONS OF USERS IN MORE THAN 80 COUNTRIES
20k+ Customers Trust Our Solutions
• Hospitality & Entertainment
• Banking & Finance
• Retail
• Insurance & Healthcare
• Government & Education
• Manufacturing & Utilities
• Technology & Software
Ecosystem Integration
MAXIMIZE YOUR EXISTING IT INVESTMENTS
PlugIns
• Service Management
• Threat Analytics
• Vulnerability Management
• Identity Governance
• SIEM & GRC
• Identity Access Management
• Cloud
• DevOps
The BeyondTrust Advantage
BROADEST SET OF PRIVILEGED ACCESS CAPABILITIES IN THE INDUSTRY
• All from one company, with the combination of BeyondTrust, Bomgar, Avecto, and Lieberman Software in 2018
FLEXIBLE, EXTENSIBLE PLATFORM
• Designed to simplify integrations, enhance user productivity, and maximize investments
HISTORY OF INNOVATION
• 30+ years of privilege security “firsts”, an expansive roadmap, and an extensive partner community around the world
BEYONDTRUST SOLUTIONS
Gain visibility and control over all privileged accounts, users, and access
Use Cases
• PROTECT PASSWORDS AND CREDENTIALS
• ELIMINATE EMBEDDED PASSWORDS IN APPS
• REMOVE ADMIN PRIVILEGES FROM USERS AND SYSTEMS
• CONTROL APPLICATION USAGE
• REDUCE RISK FROM THIRD PARTY ACCESS
• SUPPORT USERS, DESKTOPS, AND DEVICES
• MEET COMPLIANCE MANDATES
Protect Passwords & Credentials
SHRINK YOUR ATTACK SURFACE AND REDUCE THE RISK OF A CYBER BREACH
PRIVILEGED ACCOUNT DISCOVERY
Find and onboard credentials quickly with insight on age and status
CENTRALIZED PASSWORD STORAGE
Manage, rotate, and randomize credentials for privileged accounts
BEYOND USER PASSWORDS
Manage credentials for service accounts, cloud services, SSH keys, and app to app access
CREDENTIAL INJECTION
Access endpoints directly without exposing plain text passwords
AUDIT & COMPLIANCE
Track and log privileged credential activity automatically and set granular permissions
Eliminate Embedded Passwords in Apps
CONTROL SCRIPTS, FILES, CODE AND EMBEDDED KEYS TO CLOSE BACKDOORS TO YOUR CRITICAL SYSTEMS
CREDENTIAL DISCOVERY
Find passwords and keys embedded in applications, scripts, and other code
CREDENTIAL REMOVAL
Eliminate embedded or hardcoded credentials and service accounts and replace them with REST API calls
EXTENSIVE REST INTERFACE
Leverage multi-language support, including C/C++, Perl, .NET, and Java
MONITORING & REPORTING
Log and audit application and other non-human credential activity
Remove Admin Privileges From Users and Systems
ENABLE USERS TO WORK PRODUCTIVELY WITHOUT ADMIN RIGHTS
PREVENT ATTACKS
Remove admin rights from all users to close gaps that lead to ransomware and malware propagation
ACHIEVE COMPLIANCE
Meet best practices for removing admin rights and whitelisting applications
IMMEDIATE SECURITY GAINS
Achieve fast time to value by removing admin rights quickly
VISIBILITY INTO USER ACTIVITY
Create a consistent audit trail with integrated session and file integrity monitoring
OPERATE EFFICIENTLY AT SCALE
Reduce helpdesk tickets, simplify maintenance, and enable an admin-free environment
Control Application Usage
ELIMINATE UNKNOWN AND UNWANTED APPLICATIONS IN YOUR NETWORK
TRUST BASED WHITELISTING
Set flexible rules including automatic approval for advanced users and challenge-response codes
VULNERABILITY BASED APP MANAGEMENT
Leverage vulnerability data to provide intelligence on the risk of applications targeted for elevation
CLEAR & CUSTOMIZABLE MESSAGING
Improve the user experience by enabling branded messages to support access to previously unsanctioned software
SUPPORT FOR MULTIPLE APPLICATIONS
Cater to the needs of all users and tasks with support for a broad set of application types
Reduce Risk From Vendor Access
CONTROL AND MANAGE THIRD PARTY ACCESS TO YOUR NETWORK
SECURE REMOTE ACCESS
Provide third-party vendors with secure, reliable connections to access your network externally
ACCOUNT ROTATION
Rotate or reset vendor accounts automatically based on your specifications
ACCESS ELEVATION
Grant vendors temporary elevated access, or limited to certain timeframes
MONITORING
Log all session activity for a complete audit trail and real time reporting
Support Users, Desktops & Devices
QUICKLY ACCESS AND FIX ANY DEVICE OR DESKTOP, ANYWHERE, ON ANY PLATFORM
SECURE REMOTE SUPPORT
Provide fast remote assistance to any desktop, server, or mobile device with screen sharing and remote control
MONITORING
Log all session activity for a complete audit trail, with real time reporting
CHAT SUPPORT
Increase support staff productivity and end user satisfaction
REMOTE CAMERA SHARING
Perform remote support on anything your customer can see, including hardware and peripherals
INTEGRATIONS
Maximize existing investments with CRM and ITSM tools and password management solutions
Meet Compliance Mandates
SATISFY AUDIT AND COMPLIANCE REQUIREMENTS QUICKLY AND EFFECTIVELY
GRANULAR PERMISSIONS
Assign permissions individually or through group policies for privileged users & IT vendors
AUDITING & MONITORING
Log all session activity for a complete audit trail with real time reporting
PASSWORD PROTECTION
Enforce password policies and automatically rotate passwords
ENCRYPTION
Secure all communications between the user and the remote systems using TLS 1.2 encryption
TWO FACTOR AUTHENTICATION
Utilize native 2FA or integrate with your existing solution
BEYONDTRUST PRODUCT PORTFOLIO
The broadest set of privilege security capabilities available in one platform
Products
• PASSWORD SAFE
• ENDPOINT PRIVILEGE MANAGEMENT
• SECURE REMOTE ACCESS
• VULNERABILITY MANAGEMENT
• CHANGE AUDITING
Password Safe
ENABLE UNIFIED PASSWORD & SESSION MANAGEMENT
Powered by PowerBroker
DISCOVERY & AUTOMATED ACCOUNT BOARDING
Scan, identify and profile all assets and accounts
ADVANCED THREAT ANALYTICS & REPORTING
Correlate anomalous behavior against a baseline and compare user activity against asset vulnerability data
ENHANCED SESSION MONITORING & MANAGEMENT
Provide full session recording and real-time visibility into privileged user behavior
TURNKEY DEPLOYMENT
Enable fully hardened appliance (OS, application, database) with packaged updates for maintenance with a single interface to configure and manage solution
Endpoint Privilege Management
ELIMINATE UNNECESSARY PRIVILEGES & ELEVATE RIGHTS TO WINDOWS, MAC, UNIX, LINUX & NETWORK DEVICES
Powered by PowerBroker + Avecto
COMPLETE PLATFORM COVERAGE
Protect Windows, Mac, Linux, Unix, and network devices as well as Cloud, IoT, DevOps endpoints
QUICK START
Leverage immediate out-of-the-box deployment model and reference best practice architectures for rapid deployment
GRANULAR APPLICATION & COMMAND CONTROL
Enforce least privilege and application control, implement remote application and command execution on all platforms, and provide advanced control and audit of commands, files, and scripts across Linux/Unix
Secure Remote Access
SECURE AND CONTROL PRIVILEGED REMOTE ACCESS FOR INSIDERS & VENDORS
Powered by Bomgar
SECURE BY DESIGN
Enable a single tenant appliance architecture, with a unique URL and customized portal, comprehensive authentication methods, and role based policy management
BUILT FOR THE SERVICE DESK & VENDOR ACCESS
Connect from anything, to anything, with comprehensive features designed to maximize productivity – no VPN required
FLEXIBLE DEPLOYMENT & LICENSING OPTIONS
Select on premise (physical/virtual), SaaS or private cloud deployment and perpetual or subscription concurrent licensing
INTEGRATED WITH PASSWORD & SESSION MANAGEMENT
Retrieve privileged credentials automatically when accessing target systems, with no need for users to view plain text passwords
Vulnerability Management
IDENTIFY, PRIORITIZE & REMEDIATE VULNERABILITIES & INFORM PRIVILEGE DECISIONS WITH RISK INSIGHTS
Powered by PowerBroker
ZERO GAP COVERAGE
Discover and assess any IT resource in the organization including network, web, mobile, cloud and virtual infrastructures in every lifecycle phase, from assessment to remediation
DEEP REPORTING & ANALYTICS
Utilize a single dashboard to ensure that all teams have the information they need to effectively manage application and asset risk
INTEGRATED SCANNING
Retrieve credentials with the highest level of privileges through native integration with Password Safe
RISK IN CONTEXT
Provide a holistic view of enterprise-wide security, including risk from users, accounts and their privileges, and other security solutions such as SIEMs and firewalls
Change Auditing
GAIN REAL-TIME AUDITING & RECOVERY FOR WINDOWS ENVIRONMENTS
Powered by PowerBroker
AUDIT & ALERT
Audit the who, what, where and when of changes and alert to those changes, including Active Directory, file systems, Exchange, SQL and NetApp
RECOVER & ROLLBACK
Provide rollback and restore of any Active Directory changes or deletions, and backup and restore of Group Policy, protecting the business from downtime
DISCOVER & ENFORCE
Deliver entitlement reporting, ensuring that users have access to the resources – and only those resources – they need to do their jobs
SINGLE MANAGEMENT CONSOLE
Centralize auditing, reporting and recovery into a single web-based interface, with more capabilities than native tools and a unified view of changes