Intelligent CISO Issue 1 - Page 69

BeyondTrust introduces solution to protect against privilege-based attacks eyondTrust, a leading cybersecurity company dedicated to preventing privilege misuse and stopping unauthorised access, has announced a first-of-its kind privilege management solution for network, IoT, ICS and SCADA devices. B ▯ ▯ ▯ ▯ ▯ ▯ PowerBroker for Networks rounds out BeyondTrust’s privilege management support, which includes privilege management for Windows, Mac, Unix and Linux endpoints, servers, applications and now any device managed via SSH or Telnet. With PowerBroker for Networks, BeyondTrust customers can realise the benefits of end-to-end least privilege, faster and with less complexity across nearly all environments, including critical network devices. PowerBroker for Networks is an agentless solution that controls what commands users can run, records sessions, alerts and provides a complete audit trail of user activity on network devices via the command line. Delivered with a modular design that is highly scalable, PowerBroker for Networks’ architecture easily scales to hundreds of thousands of nodes without overburdening the network or administrators with overhead. | Issue 01 Brad Hibbert, COO, BeyondTrust “Network devices – such as routers, switches, firewalls, IoT, ICS and other SCADA devices – are critical for organisations to function, yet present open doors for external attackers and malicious insiders if not properly monitored,” said Brad Hibbert, COO, BeyondTrust. “To improve security on these devices, organisations must have control and visibility over privileged user activity. Since most network devices do not allow for the installation of agents, or are manufacturer-specific, PowerBroker for Networks fills an important gap.” Because PowerBroker for Networks supports any device that utilises SSH or Telnet to enable management, it can be utilised across a diverse network, and offers the following features: ▯ ▯ Full Command Control and Session Auditing: Enables full, granular control and audit of all commands and sessions to network devices. ▯ ▯ Real-time Session Monitoring: Warns, or warns then terminates, “The idea of ‘identity’ seems intuitive, but identity can be distorted either by inside actors imitating legitimate credential holders or miscreants escalating credentials,” said Christopher Kissel, Senior Cybersecurity Analyst, Frost & Sullivan. “A seemingly credentialed actor can wreak havoc as SecOps teams often cannot discover nefarious behaviour emanating from users with proper credentials. BeyondTrust PowerBroker for Networks is an important and evolutionary step in identity and access management (IAM), offering network administrators a single-point of management for important functions, such as command and control session monitoring and auditing, the generation of logs for SIEM and automating single sign-on. Additionally, PowerBroker for Networks moves ‘identity’ from a role- based static event into an observable, fluid event where identity-change can be an Indicator of Compromise or where SecOps can block access even for credentialed actors.” PowerBroker for Networks is available now. u 69 With PowerBroker for Networks, organisations can manage large, distributed and heterogeneous infrastructures while delivering optimal performance and without limiting activity. PowerBroker for Networks fully integrates with the central PowerBroker console, enabling customers to benefit from a single policy, management and reporting interface. ▯ ▯ a session when questionable user behaviour is detected. Integrates with SIEM Solutions for Complete Security Intelligence: Generates logs and sends to syslog to be picked up by a SIEM system. Alerts for Faster Cybersecurity Response: Generates alerts to prevent or stop unwanted activity. Automates Single Sign- on: Integrates with password management solutions such as PowerBroker Password Safe to seamlessly retrieve passwords for automated sign-on through a proxied connection. Centralises Control: Centralises administration, policy and audit data for decentralised devices and administrators.