1
Managing Privileged Account
Security
Chris Maroun
Regional Sales Engineering Manager – East Coast
2
Privileged Accounts Exist In Every Piece of
IT Technology
3
PRIVILEGE
Shared Admin
Accounts
Application to
Application
Accounts
Cloud
Accounts
4
Privileged Accounts are Targeted in All
Advanced Attacks
Mandiant, M-Trends and APT1 Report
“…100% of breaches
involved ...
5
The Facts Speak for Themselves: You Will Be
Breached
There is no such thing as perfect security.
Attackers get smarter a...
6
Systems
Integration
Partners
Temporary
Staff
Cloud
Service
Providers
Off Shore
Developers
Contractors
Internal
Users
7
Systems
Integration
Partners
External
Attacker
Cloud
Services
Off Shore
Developers
Contractors
Internal
Users
You Need t...
8
Four Critical Steps to Stopping Advanced Threats
Protect and manage privileged account
credentials
Control, isolate and ...
9
Privileged Account Security –
Now a Critical Security Layer
10
CyberArk’s Privileged Account Security Solution
Privileged
Threat
Analytics
Master Policy
Secure Digital Vault™
Enterpr...
11
Virtual
Servers
Unix/Linux
Servers
iSeries
Mainframes
Windows
Servers
zSeries
Mainframe
Databases Applications
Network
...
12
Virtual
Servers
Unix/Linux
Servers
iSeries
Mainframes
Windows
Servers
zSeries
Mainframe
Databases Applications
Network
...
13
How do we get there?
14
Map and Measure Privileged Account Risks with
CyberArk DNA™
Simple, three-step process Executive dashboard of results
15
CyberArk DNA Pass-the-Hash Vulnerability Map
16
System User Pass
Unix root
Oracle SYS
Windows Administrator
z/OS DB2ADMIN
Cisco enable
Vault
Enterprise IT Environment
...
17
Master Policy: “Native” language, simplified
management
Basic Policy rules
-grouped by topic
Managing Exceptions and
Se...
18
System User Pass
Unix root
Oracle SYS
Windows Administrator
z/OS DB2ADMIN
Cisco enable
Vault
Enterprise IT Environment
...
19
What happens next?
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Integration with SIEM and PTA
34
Security Dashboards
35
Privileged Threat Analytics
36
Access to Privileged Accounts During Irregular Hours
December 28th, 2012
February 13th, 2013
37
Privileged Threat Analytics
38
Privileged Threat Incident Details
39
Managing Privileged Account
Security
Chris Maroun
Regional Sales Engineering Manager – East Coast
Thank you!
Upcoming SlideShare
Loading in...5
×

Managing privileged account security

761

Published on

How to manage the security of privileged accounts.

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
761
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
107
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Managing privileged account security

  1. 1. 1 Managing Privileged Account Security Chris Maroun Regional Sales Engineering Manager – East Coast
  2. 2. 2 Privileged Accounts Exist In Every Piece of IT Technology
  3. 3. 3 PRIVILEGE Shared Admin Accounts Application to Application Accounts Cloud Accounts
  4. 4. 4 Privileged Accounts are Targeted in All Advanced Attacks Mandiant, M-Trends and APT1 Report “…100% of breaches involved stolen credentials.” “APT intruders…prefer to leverage privileged accounts where possible, such as Domain Administrators, service accounts with Domain privileges, local Administrator accounts, and privileged user accounts.”
  5. 5. 5 The Facts Speak for Themselves: You Will Be Breached There is no such thing as perfect security. Attackers get smarter and change tactics all of the time. Companies who have made responsible and sustained investments in IT continue to be compromised. 100% 94% 416 100% Of victims have up-to-date antivirus software Of breaches are reported by third parties Median number of days advanced attackers are on the network before being detected Of breaches involved stolen credentials Mandiant, 2013
  6. 6. 6 Systems Integration Partners Temporary Staff Cloud Service Providers Off Shore Developers Contractors Internal Users
  7. 7. 7 Systems Integration Partners External Attacker Cloud Services Off Shore Developers Contractors Internal Users You Need to Know! Which One is the Attacker? Which One is Authorized?
  8. 8. 8 Four Critical Steps to Stopping Advanced Threats Protect and manage privileged account credentials Control, isolate and monitor privileged access and activity on servers and databases Use real-time privileged account analytics to detect and respond to in-progress attacks Discover all of your privileged accounts
  9. 9. 9 Privileged Account Security – Now a Critical Security Layer
  10. 10. 10 CyberArk’s Privileged Account Security Solution Privileged Threat Analytics Master Policy Secure Digital Vault™ Enterprise Password Vault® Privileged Session Manager® Application Identity Manager™ On-Demand Privileges Manager™ Management Portal/Web Access PROTECT DETECT RESPOND
  11. 11. 11 Virtual Servers Unix/Linux Servers iSeries Mainframes Windows Servers zSeries Mainframe Databases Applications Network Devices Security Appliances Websites & Web Apps Unix AdminsWindows Admins DBAs VM Admins External Vendors Business Applications Auditor/ Security & Risk I need the password to map a drive I need my service provider to connect remotely with root I just need root to patch a database I have this script that needs to run as root every night What are your root entitlements, who used it, when did they use it and why? Enterprise Account Usage today What are your root entitlements, who used it, when did they use it and why?
  12. 12. 12 Virtual Servers Unix/Linux Servers iSeries Mainframes Windows Servers zSeries Mainframe Databases Applications Network Devices Security Appliances Websites & Web Apps Unix AdminsWindows Admins DBAs VM Admins External Vendors Business Applications Auditor/ Security & Risk I need the password to map a drive I need my service provider to connect remotely with root I have this script that needs to run as root every night Great! Your access is approved and is now controlled and monitored I just need root to patch a database EPV Workflow PSM Workflow AIM Workflow Monitoring & Reporting Workflow OPM Workflow Control the Access
  13. 13. 13 How do we get there?
  14. 14. 14 Map and Measure Privileged Account Risks with CyberArk DNA™ Simple, three-step process Executive dashboard of results
  15. 15. 15 CyberArk DNA Pass-the-Hash Vulnerability Map
  16. 16. 16 System User Pass Unix root Oracle SYS Windows Administrator z/OS DB2ADMIN Cisco enable Vault Enterprise IT Environment Central Policy Manager 1. Master/exception policy definition Security/ Risk Management Enterprise Password Vault Infrastructure EPV Policy tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t Policy
  17. 17. 17 Master Policy: “Native” language, simplified management Basic Policy rules -grouped by topic Managing Exceptions and Separating Basic and Advanced settings (including dependencies) In-Line Help For quick answers
  18. 18. 18 System User Pass Unix root Oracle SYS Windows Administrator z/OS DB2ADMIN Cisco enable Vault Enterprise IT Environment 1. Master/exception policy definition 2. Initial load & reset Automatic Detection, Bulk upload, Manual Enterprise Password Vault Overview EPV tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t tops3cr3t lm7yT5wX5$aq+pTojsd$5fhy7qeF$1gviNa9% Policy Central Policy Manager
  19. 19. 19 What happens next?
  20. 20. 20
  21. 21. 21
  22. 22. 22
  23. 23. 23
  24. 24. 24
  25. 25. 25
  26. 26. 26
  27. 27. 27
  28. 28. 28
  29. 29. 29
  30. 30. 30
  31. 31. 31
  32. 32. 32
  33. 33. 33 Integration with SIEM and PTA
  34. 34. 34 Security Dashboards
  35. 35. 35 Privileged Threat Analytics
  36. 36. 36 Access to Privileged Accounts During Irregular Hours December 28th, 2012 February 13th, 2013
  37. 37. 37 Privileged Threat Analytics
  38. 38. 38 Privileged Threat Incident Details
  39. 39. 39 Managing Privileged Account Security Chris Maroun Regional Sales Engineering Manager – East Coast Thank you!
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×