Welcome!

News Feed Item

Privilege Management Provides Defense Against Land-and-Expand Cyber Attacks

Lieberman Software Explains How Advanced Persistent Threats (APTs) Are Almost Impossible to Stop, but Damage Can Be Limited With Privilege Management and Secure Network Design

LOS ANGELES, CA--(Marketwired - June 23, 2014) - Given the reality of today's advanced persistent threats (APTs) and sophisticated nation-state cyber attacks, virtually all enterprises have already been breached. However, by controlling and hardening privileged credentials, an organization can deny intruders broad access inside the network and prevent them from covertly accessing and extracting sensitive information at will.

This real-world approach to securing enterprise networks in the face of APTs is the subject of Philip Lieberman's presentation "Next Generation Technology Approaches to Manage Privileged Identities, Users and Applications" at this week's Gartner Security and Risk Management Summit. The session will be held on Tuesday, June 24 at 2:45 p.m. ET in the Potomac C room of the Gaylord National in National Harbor, Md. Lieberman is the President and CEO of Lieberman Software Corporation, a Premier Sponsor at this event and an exhibitor in booth 325.

"Conventional detect and respond tools like firewalls and intrusion prevention systems (IPS) react too late to stop zero-day exploits launched by highly skilled, professional-level attackers," Lieberman said. "IT security in most enterprises is analogous to a candy with a hard shell and a gooey interior. Today's attackers can break through the outer security -- the shell -- almost at will. Since interior security is so soft, full control over victims' networks can be obtained in a matter of minutes."

"The reality of this porous perimeter is that we must assume that attacks will succeed and intrusions will occur," he continued. "Therefore, IT departments need to ask -- what happens after a machine is compromised, a key logger is loaded, and usernames and passwords are available to the criminals? How far into the network can the hackers reach, and for how long?"

Restrict Targeted Intrusions with Privilege Management

To defend against APTs and cyber criminals, organizations can implement automated privilege management solutions. Privilege management minimizes lateral motion of intruders inside the network, time-limits the value of privileged credentials, and controls the scope of access inside the IT environment to authorized and audited users with valid reasons for access. 

"If you assume that one or more of your machines has become owned by an outsider -- via a successful social engineering attack, for example -- then privilege management is a proven active defense solution to limit how far the attacker can expand in the environment, and mitigate how long a captured credential can be exploited," Lieberman said. "To complete the earlier analogy, privilege management replaces that gooey IT interior security by adding a consistent security texture all the way through the enterprise. In essence, even if an attacker has obtained user names and passwords, they are of very little use beyond the initial breached system. The stolen credentials can't help them leapfrog from system to system within the environment, and extract sensitive data along the way."

With enterprise-grade privilege management, an organization can maintain a continuous, up-to-date list of systems and accounts -- including administrative logins, service accounts, and application passwords. Privilege management can then ensure that each system has unique, complex and frequently changing passwords. There are no shared credentials that attackers can use to access multiple systems. Disclosed passwords are changed immediately after use, so no one retains knowledge of "password secrets" for the future.

"The key to privilege management is the ability to automatically discover and remediate security breaches before cyber attackers can exploit them," Lieberman said.

The Lieberman Software Solution
Lieberman Software's Enterprise Random Password Manager™ (ERPM) is a privilege management platform with proven privileged identity management functionality that automatically detects, secures and audits privileged accounts throughout the cross-platform enterprise, both on-premises and in the cloud. It ensures that privileged identities are only available on a temporary, delegated basis to prevent unauthorized and anonymous access to systems with sensitive data.

ERPM was recently enhanced with a new privileged access management module that provides authorized users with automated access to corporate applications -- whether on-premises, in the cloud or third-party -- without disclosing passwords. Elevated operations performed by users are automatically recorded and audited. Users are granted quick and full access to the business applications they need to perform their job roles. However, privileged credentials that manage access to the applications are never known to users, and cannot be accessed without triggering an audit trail.

For more information see www.liebsoft.com/enterprise_random_password_manager.

About Lieberman Software Corporation
Lieberman Software provides award-winning privilege management products to more than 1200 enterprise customers worldwide, including nearly half of the Fortune 50. By automatically locating, securing and continuously auditing privileged identities, both on-premises and in the cloud, Lieberman Software helps protect access to systems with sensitive data, thereby reducing internal and external security vulnerabilities, improving IT productivity and helping ensure regulatory compliance. The company developed the first solution for the privilege management space, and its products, including Enterprise Random Password Manager (ERPM), continue to lead the market. Lieberman Software also provides a mature line of Windows security management tools. The company is headquartered in Los Angeles, CA, with offices and channel partners located around the world. For more information, visit www.liebsoft.com.

Product and company names herein may be trademarks of their registered owners.

For more information, please contact:

Kevin Franks
Marketing Communications Manager
Lieberman Software Corporation
310.300.3562
Email contactEmail contactEmail contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
StarNet Communications Corp has announced the addition of three Secure Remote Desktop modules to its flagship X-Win32 PC X server. The new modules enable X-Win32 to safely tunnel the remote desktops from Linux and Unix servers to the user’s PC over encrypted SSH. Traditionally, users of PC X servers deploy the XDMCP protocol to display remote desktop environments such as the Gnome and KDE desktops on Linux servers and the CDE environment on Solaris Unix machines. XDMCP is used primarily on comp...
SYS-CON Events announced today Telecom Reseller has been named “Media Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
SYS-CON Events announced today that StarNet Communications will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. StarNet Communications’ FastX is the industry first cloud-based remote X Windows emulator. Using standard Web browsers (FireFox, Chrome, Safari, etc.) users from around the world gain highly secure access to applications and data hosted on Linux-based servers in a central data center. ...
SYS-CON Events announced today that Adobe has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. Adobe is changing the world though digital experiences. Adobe helps customers develop and deliver high-impact experiences that differentiate brands, build loyalty, and drive revenue across every screen, including smartphones, computers, tablets and TVs. Adobe content solutions are used daily by millions of co...
Why do your mobile transformations need to happen today? Mobile is the strategy that enterprise transformation centers on to drive customer engagement. In his general session at @ThingsExpo, Roger Woods, Director, Mobile Product & Strategy – Adobe Marketing Cloud, covered key IoT and mobile trends that are forcing mobile transformation, key components of a solid mobile strategy and explored how brands are effectively driving mobile change throughout the enterprise.
Pulzze Systems was happy to participate in such a premier event and thankful to be receiving the winning investment and global network support from G-Startup Worldwide. It is an exciting time for Pulzze to showcase the effectiveness of innovative technologies and enable them to make the world smarter and better. The reputable contest is held to identify promising startups around the globe that are assured to change the world through their innovative products and disruptive technologies. There w...
SYS-CON Events announced today that Pulzze Systems will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Pulzze Systems, Inc. provides infrastructure products for the Internet of Things to enable any connected device and system to carry out matched operations without programming. For more information, visit http://www.pulzzesystems.com.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
SYS-CON Events announced today that Hitrons Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Hitrons Solutions Inc. is distributor in the North American market for unique products and services of small and medium-size businesses, including cloud services and solutions, SEO marketing platforms, and mobile applications.
Almost two-thirds of companies either have or soon will have IoT as the backbone of their business in 2016. However, IoT is far more complex than most firms expected. How can you not get trapped in the pitfalls? In his session at @ThingsExpo, Tony Shan, a renowned visionary and thought leader, will introduce a holistic method of IoTification, which is the process of IoTifying the existing technology and business models to adopt and leverage IoT. He will drill down to the components in this fra...
As the world moves toward more DevOps and Microservices, application deployment to the cloud ought to become a lot simpler. The Microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. Serverless computing is revolutionizing computing. In his session at 19th Cloud Expo, Raghav...
SYS-CON Events announced today that eCube Systems, a leading provider of middleware modernization, integration, and management solutions, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. eCube Systems offers a family of middleware evolution products and services that maximize return on technology investment by leveraging existing technical equity to meet evolving business needs. ...
Data is an unusual currency; it is not restricted by the same transactional limitations as money or people. In fact, the more that you leverage your data across multiple business use cases, the more valuable it becomes to the organization. And the same can be said about the organization’s analytics. In his session at 19th Cloud Expo, Bill Schmarzo, CTO for the Big Data Practice at EMC, will introduce a methodology for capturing, enriching and sharing data (and analytics) across the organizati...
Enterprises have forever faced challenges surrounding the sharing of their intellectual property. Emerging cloud adoption has made it more compelling for enterprises to digitize their content, making them available over a wide variety of devices across the Internet. In his session at 19th Cloud Expo, Santosh Ahuja, Director of Architecture at Impiger Technologies, will introduce various mechanisms provided by cloud service providers today to manage and share digital content in a secure manner....