Welcome!

News Feed Item

Privilege Management Provides Defense Against Land-and-Expand Cyber Attacks

Lieberman Software Explains How Advanced Persistent Threats (APTs) Are Almost Impossible to Stop, but Damage Can Be Limited With Privilege Management and Secure Network Design

LOS ANGELES, CA--(Marketwired - June 23, 2014) - Given the reality of today's advanced persistent threats (APTs) and sophisticated nation-state cyber attacks, virtually all enterprises have already been breached. However, by controlling and hardening privileged credentials, an organization can deny intruders broad access inside the network and prevent them from covertly accessing and extracting sensitive information at will.

This real-world approach to securing enterprise networks in the face of APTs is the subject of Philip Lieberman's presentation "Next Generation Technology Approaches to Manage Privileged Identities, Users and Applications" at this week's Gartner Security and Risk Management Summit. The session will be held on Tuesday, June 24 at 2:45 p.m. ET in the Potomac C room of the Gaylord National in National Harbor, Md. Lieberman is the President and CEO of Lieberman Software Corporation, a Premier Sponsor at this event and an exhibitor in booth 325.

"Conventional detect and respond tools like firewalls and intrusion prevention systems (IPS) react too late to stop zero-day exploits launched by highly skilled, professional-level attackers," Lieberman said. "IT security in most enterprises is analogous to a candy with a hard shell and a gooey interior. Today's attackers can break through the outer security -- the shell -- almost at will. Since interior security is so soft, full control over victims' networks can be obtained in a matter of minutes."

"The reality of this porous perimeter is that we must assume that attacks will succeed and intrusions will occur," he continued. "Therefore, IT departments need to ask -- what happens after a machine is compromised, a key logger is loaded, and usernames and passwords are available to the criminals? How far into the network can the hackers reach, and for how long?"

Restrict Targeted Intrusions with Privilege Management

To defend against APTs and cyber criminals, organizations can implement automated privilege management solutions. Privilege management minimizes lateral motion of intruders inside the network, time-limits the value of privileged credentials, and controls the scope of access inside the IT environment to authorized and audited users with valid reasons for access. 

"If you assume that one or more of your machines has become owned by an outsider -- via a successful social engineering attack, for example -- then privilege management is a proven active defense solution to limit how far the attacker can expand in the environment, and mitigate how long a captured credential can be exploited," Lieberman said. "To complete the earlier analogy, privilege management replaces that gooey IT interior security by adding a consistent security texture all the way through the enterprise. In essence, even if an attacker has obtained user names and passwords, they are of very little use beyond the initial breached system. The stolen credentials can't help them leapfrog from system to system within the environment, and extract sensitive data along the way."

With enterprise-grade privilege management, an organization can maintain a continuous, up-to-date list of systems and accounts -- including administrative logins, service accounts, and application passwords. Privilege management can then ensure that each system has unique, complex and frequently changing passwords. There are no shared credentials that attackers can use to access multiple systems. Disclosed passwords are changed immediately after use, so no one retains knowledge of "password secrets" for the future.

"The key to privilege management is the ability to automatically discover and remediate security breaches before cyber attackers can exploit them," Lieberman said.

The Lieberman Software Solution
Lieberman Software's Enterprise Random Password Manager™ (ERPM) is a privilege management platform with proven privileged identity management functionality that automatically detects, secures and audits privileged accounts throughout the cross-platform enterprise, both on-premises and in the cloud. It ensures that privileged identities are only available on a temporary, delegated basis to prevent unauthorized and anonymous access to systems with sensitive data.

ERPM was recently enhanced with a new privileged access management module that provides authorized users with automated access to corporate applications -- whether on-premises, in the cloud or third-party -- without disclosing passwords. Elevated operations performed by users are automatically recorded and audited. Users are granted quick and full access to the business applications they need to perform their job roles. However, privileged credentials that manage access to the applications are never known to users, and cannot be accessed without triggering an audit trail.

For more information see www.liebsoft.com/enterprise_random_password_manager.

About Lieberman Software Corporation
Lieberman Software provides award-winning privilege management products to more than 1200 enterprise customers worldwide, including nearly half of the Fortune 50. By automatically locating, securing and continuously auditing privileged identities, both on-premises and in the cloud, Lieberman Software helps protect access to systems with sensitive data, thereby reducing internal and external security vulnerabilities, improving IT productivity and helping ensure regulatory compliance. The company developed the first solution for the privilege management space, and its products, including Enterprise Random Password Manager (ERPM), continue to lead the market. Lieberman Software also provides a mature line of Windows security management tools. The company is headquartered in Los Angeles, CA, with offices and channel partners located around the world. For more information, visit www.liebsoft.com.

Product and company names herein may be trademarks of their registered owners.

For more information, please contact:

Kevin Franks
Marketing Communications Manager
Lieberman Software Corporation
310.300.3562
Email contactEmail contactEmail contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Join IBM November 2 at 19th Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how to go beyond multi-speed it to bring agility to traditional enterprise applications. Technology innovation is the driving force behind modern business and enterprises must respond by increasing the speed and efficiency of software delivery. The challenge is that existing enterprise applications are expensive to develop and difficult to modernize. This often results in what Gartner calls ...
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in compute, storage and networking technologies, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/...
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
All organizations that did not originate this moment have a pre-existing culture as well as legacy technology and processes that can be more or less amenable to DevOps implementation. That organizational culture is influenced by the personalities and management styles of Executive Management, the wider culture in which the organization is situated, and the personalities of key team members at all levels of the organization. This culture and entrenched interests usually throw a wrench in the work...
With billions of sensors deployed worldwide, the amount of machine-generated data will soon exceed what our networks can handle. But consumers and businesses will expect seamless experiences and real-time responsiveness. What does this mean for IoT devices and the infrastructure that supports them? More of the data will need to be handled at - or closer to - the devices themselves.
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists will examine how DevOps helps to meet th...
@GonzalezCarmen has been ranked the Number One Influencer and @ThingsExpo has been named the Number One Brand in the “M2M 2016: Top 100 Influencers and Brands” by Analytic. Onalytica analyzed tweets over the last 6 months mentioning the keywords M2M OR “Machine to Machine.” They then identified the top 100 most influential brands and individuals leading the discussion on Twitter.
Judith Hurwitz is president and CEO of Hurwitz & Associates, a Needham, Mass., research and consulting firm focused on emerging technology, including big data, cognitive computing and governance. She is co-author of the book Cognitive Computing and Big Data Analytics, published in 2015. Her Cloud Expo session, "What Is the Business Imperative for Cognitive Computing?" is scheduled for Wednesday, June 8, at 8:40 a.m. In it, she puts cognitive computing into perspective with its value to the busin...
Building a cross-cloud operational model can be a daunting task. Per-cloud silos are not the answer, but neither is a fully generic abstraction plane that strips out capabilities unique to a particular provider. In his session at 20th Cloud Expo, Chris Wolf, VP & Chief Technology Officer, Global Field & Industry at VMware, will discuss how successful organizations approach cloud operations and management, with insights into where operations should be centralized and when it’s best to decentraliz...
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
Five years ago development was seen as a dead-end career, now it’s anything but – with an explosion in mobile and IoT initiatives increasing the demand for skilled engineers. But apart from having a ready supply of great coders, what constitutes true ‘DevOps Royalty’? It’ll be the ability to craft resilient architectures, supportability, security everywhere across the software lifecycle. In his keynote at @DevOpsSummit at 20th Cloud Expo, Jeffrey Scheaffer, GM and SVP, Continuous Delivery Busine...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Cognitive Computing is becoming the foundation for a new generation of solutions that have the potential to transform business. Unlike traditional approaches to building solutions, a cognitive computing approach allows the data to help determine the way applications are designed. This contrasts with conventional software development that begins with defining logic based on the current way a business operates. In her session at 18th Cloud Expo, Judith S. Hurwitz, President and CEO of Hurwitz & ...
SYS-CON Events announced today that Juniper Networks (NYSE: JNPR), an industry leader in automated, scalable and secure networks, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Juniper Networks challenges the status quo with products, solutions and services that transform the economics of networking. The company co-innovates with customers and partners to deliver automated, scalable and secure network...
Everyone wants to use containers, but monitoring containers is hard. New ephemeral architecture introduces new challenges in how monitoring tools need to monitor and visualize containers, so your team can make sense of everything. In his session at @DevOpsSummit, David Gildeh, co-founder and CEO of Outlyer, will go through the challenges and show there is light at the end of the tunnel if you use the right tools and understand what you need to be monitoring to successfully use containers in your...