Shane Wescott Mark Williamson
AppSense Technology Evangelist – Aust/NZ Technical Lead (AM)
OSB140 - Want a Safer Network? You Can Remove Local Admin Rights with Ivanti Application Control
Agenda
• Who are we
• Why Ivanti for Privilege Management
• How does it work – What’s under the hood
• Tips and Tricks
• What’s the Challenge
• Customer Success Stories
• Demo – Show me already
• Q & A
Who are we?
What’s the challenge?
User-Targeted Attacks
Of
Cyberattacks Start
With A Phishing Email
PhishMe 2016 Enterprise Phishing Susceptibility and
Resiliency Report
https://phishme.com/2016-enterprise-phishing-susceptibility-report
User-Targeted Attacks
of
recipients open
phishing messages,
and 12% click on
attachments.
Verizon 2016 Data Breach Investigations Report
http://www.verizonenterprise.com/DBIR/2016/
Up from 23% and 11%, respectively, in 2015
Mitigate Impact
A vulnerability, when exploited, allows the attacker to operate in the context of the current user. Reducing user privileges reduces the attacker’s ability to operate, thereby slowing their ability to move around your environment.
Privilege Management Reduces Impact:
[Chart: monthly counts, Jan to Dec; series: total, Priv mgmt mitigates]
SANS Training Example from Dr Eric Cole
• 47 users across 47 companies
• Average required rights to data 42%
• Of total data loss, ONLY 17% would have been lost
• Remaining 83% equated to $4.5 Million
• Roughly $100K per user breached
Australian Signals Directorate
SANS – 1st Five…
SANS “First Five”—as providing the most immediate increase in
efficient and effective reduction in risk from advanced targeted
attacks:
1) software whitelisting,
2) secure standard configurations,
3) application security patching,
4) system security patching and
5) minimization of administrative privileges.
How does it work – What’s under the hood?
Ivanti User Privilege Management
• Enable admin apps & features for standard users
• Allow personal apps with IT control
• Full auditing capability
Standard Elevation with Ivanti Application Control
[Diagram labels: Explorer.exe; CreateProcess - Regedit.exe; AMAppHook.Dll; NTDLL; AMMessageAssist; AM Agent; Amend Token?; LSA Client; LSASS; Custom LSA Auth Package; Reparent; Regedit.exe]
Why Ivanti for Privilege Management?
Discover Provide Insight Take Action
Our History
History and Experience
• 18 years experience Whitelisting from AppSense
• 14 years experience Patching from Shavlik
• 7 years experience Privilege Management from AppSense
Control Administrative Rights
• Applications
• OS Components
• Websites
• Services
• Installs
Corporate App Store
Application Network Access Control
Control outbound connections:
• IP
• Hostname
• URL
• UNC or Port
What Do I Need To Elevate?
Ivanti is QUICK to protect
Deploy
Audit
Review
Update
Proven Methodology
Granular, Contextual Policies
• Allows authorised users to access “break glass” functionality
• All based on granular, contextual policies
• All policy based with full auditing
Organizations can prevent up to 85% of Windows intrusion threats by implementing four key disciplines:
1. PATCH OPERATING SYSTEMS
2. PATCH APPLICATIONS
3. APPLICATION WHITELISTING
4. PRIVILEGE MANAGEMENT
Powered By
Our defense-in-depth products
PATCH & VULNERABILITY MANAGEMENT
• IVANTI PATCH FOR ENDPOINTS
• IVANTI PATCH FOR SERVERS
• IVANTI PATCH FOR SCCM
APPLICATION CONTROL & PRIVILEGE MANAGEMENT
• IVANTI APPLICATION CONTROL FOR ENDPOINTS
• IVANTI APPLICATION CONTROL FOR SERVERS
• IVANTI APPLICATION CONTROL FOR SCCM
ENDPOINT SECURITY SUITES
• IVANTI ENDPOINT SECURITY
• IVANTI SERVER SECURITY
SECURE PROGRAM MANAGEMENT
• IVANTI SERVICE MANAGER
• IVANTI ASSET MANAGER
Provide Insight
Compliance and monitoring by Xtraction
Customer Success Stories?
Only product Customer bought off a Beta
Hassell – Removal of Admin/App Store
Demo – Show me already
Tips and Tricks
1. Follow the advice from Experts
• SANS, CIS, ASD – do the most important things FIRST
• Follow a proven methodology
• If you want more info on this, jump into this session:
OSB310 – Whitelisting, The Good, the Bad, the Ugly. Our Experts help you avoid Common Pitfalls
Thursday 10:15 - 11:15 Jamaica B
2. Get buy in from the Business
• It can’t just be driven by the Security Team
• Communication is the key – user and departmental
• Make sure people understand the business benefit
3. Do your Discovery - Don’t assume anything
What’s running on your network?
What apps need admin rights?
How quickly user behaviour can change
Xtraction can be Awesome to help get that
single page view
3. Do your Discovery - Don’t assume anything
Xtraction example:
ASD TOP 4 Single pane view
Multiple data sources
Plug for Xtraction
OSL140 - Here’s Your #$@&%*! Report! Test Drive Xtraction for
Security
Wednesday 14:15 – 15:15 MEC C1
Q + A
Thank you

Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...
Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...
 
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdfUnveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
 
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...
Why Apache Kafka Clusters Are Like Galaxies (And Other Cosmic Kafka Quandarie...
 
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
 

OSB140: Want a Safer Network? You Can Remove Local Admin Rights with Ivanti Application Control

  • 2. Shane Wescott Mark Williamson AppSense Technology Evangelist – Aust/NZ Technical Lead (AM) OSB140 - Want a safer network? You can remove local admin rights with Ivanti Application Control
  • 3. Agenda • Who are we • Why Ivanti for Privilege Management • How does it work – What’s under the hood • Tips and Tricks • What’s the Challenge • Customer Success Stories • Demo – Show me already • Q & A
  • 6. User-Targeted Attacks Of Cyberattacks Start With A Phishing Email PhishMe 2016 Enterprise Phishing Susceptibility and Resiliency Report https://phishme.com/2016-enterprise-phishing-susceptibility-report
  • 7. User-Targeted Attacks of recipients open phishing messages, and 12% click on attachments. Verizon 2016 Data Breach Investigations Report http://www.verizonenterprise.com/DBIR/2016/ Up from 23% and 11%, respectively, in 2015
  • 10. Mitigate Impact: A vulnerability that, when exploited, allows the attacker to operate in the context of the current user. Reducing user privileges reduces the attacker's ability to operate, thereby slowing their ability to move around your environment. Privilege Management Reduces Impact: [chart by month, Jan to Dec; series: "total" and "Priv mgmt mitigates"]
  • 11. SANS Training Example from Dr Eric Cole • 47 users across 47 companies • Average required rights to data 42% • Of total data loss, ONLY 17% would have been lost • Remaining 83% equated to $4.5 Million • Roughly $100K per user breached
  • 13. SANS – 1st Five… SANS “First Five”—as providing the most immediate increase in efficient and effective reduction in risk from advanced targeted attacks: 1) software whitelisting, 2) secure standard configurations, 3) application security patching, 4) system security patching and 5) minimization of administrative privileges.
  • 14. How does it work – What’s under the hood?
  • 15. Ivanti User Privilege Management • Enable admin apps & features for standard users • Allow personal apps with IT control • Full auditing capability
  • 16. Standard Elevation with Ivanti Application Control [diagram; labels: AM Agent, LSASS, Amend Token?, CreateProcess, Regedit.exe, AMAppHook.Dll, NTDLL, LSA Client, Custom LSA Auth Package, AMMessageAssist, Regedit.exe, Reparent, CreateProcess - Regedit.exe, Explorer.exe]
  • 20. History and Experience • 18 years experience Whitelisting from AppSense • 14 years experience Patching from Shavlik • 7 years experience Privilege Management from AppSense
  • 21. Control Administrative Rights • Applications • OS Components • Websites • Services • Installs
  • 23. Application Network Access Control: Control outbound connections: • IP • Hostname • URL • UNC or Port
  • 24. What Do I Need To Elevate?
  • 25. Ivanti is QUICK to protect • Proven Methodology: Deploy, Audit, Review, Update
  • 26. Granular, Contextual Policies • Allows authorised users to access “break glass” functionality • All based on granular, contextual policies • All policy based with full auditing
  • 27. Organizations can prevent up to 85% of Windows intrusion threats by implementing four key disciplines: 1) Patch operating systems 2) Patch applications 3) Application whitelisting 4) Privilege management
  • 28. Our defense-in-depth products • Patch & Vulnerability Management: Ivanti Patch for Endpoints, Ivanti Patch for Servers, Ivanti Patch for SCCM • Application Control & Privilege Management: Ivanti Application Control for Endpoints, Ivanti Application Control for Servers, Ivanti Application Control for SCCM • Endpoint Security Suites: Ivanti Endpoint Security, Ivanti Server Security • Secure Program Management: Ivanti Service Manager, Ivanti Asset Manager • Provide Insight: Compliance and monitoring by Xtraction
  • 30. Only product Customer bought off a Beta
  • 31. Hassell – Removal of Admin/App Store
  • 32. Demo – Show me already
  • 35. 1. Follow the advice from Experts • SANS, CIS, ASD – do the most important things FIRST • Follow a proven methodology • If you want more info on this, jump into this session: OSB310 – Whitelisting, The Good, the Bad, the Ugly. Our Experts help you avoid Common Pitfalls (Thursday 10:15 - 11:15, Jamaica B)
  • 36. 2. Get buy in from the Business • It can’t just be driven by the Security Team • Communications is the key – user and departmental • Make sure people understand the business benefit
  • 37. 3. Do your Discovery - Don’t assume anything • What’s running on your network? • What apps need admin rights? • How quickly user behaviour can change • Xtraction can be Awesome to help get that single page view
  • 38. 3. Do your Discovery - Don’t assume anything • Xtraction example: ASD TOP 4 • Single pane view • Multiple data sources
  • 39. Plug for Xtraction: OSL140 - Here’s Your #$@&%*! Report! Test Drive Xtraction for Security (Wednesday 14:15 – 15:15, MEC C1)
  • 40. Q + A Thank you