IT Security Matters

Klaus Jochem

Skip to content
  • Home
  • About me
    • About me
    • Copyright and Disclaimer

Update on Cross-Domain Innovation: Using PAM for efficient mitigation of Pass-the-Hash attacks

26 October 2016

Today, I participated in a great presentation of CyberArk’s Privileged Account Security Solution. The features of this product are really impressive, in particular the consistent implementation of the Separation of Duties principle to enforce rules like ‘the administrator of the Enterprise Password Vault must not access any of the managed systems’ or ‘an auditor must not manage connections’. To enforce such rules is a tough job in many systems, but an easy task if Separation of Duties is implemented as core function.

CyberArk provides all the capabilities for the efficient management of local privileged accounts. Thus the solution is perfectly suited to mitigate Pass-the-Hash attacks without increased management effort.

Have a good day.

Advertisements

Share this:

  • Email
  • Print
  • LinkedIn

Like this:

Like Loading...

Related

This entry was posted in Opinion, Survival tips and tagged CyberArk Privileged Account Security Solution, Pass-the-Hash attack, Privileged Accounts Management, Separation of Duties on October 26, 2016 by Klaus Jochem.

Post navigation

← Cross-Domain Innovation: Using a PAM solution for efficient mitigation of Pass-the-Hash attacks The IoT brings down the Internet →

Technology and more

  • 4 Elementary IT Security Design Principles

Endnotes

  • SRM Blog Information Security Breach Reports
  • [1] Frequently Asked Questions on eBay Password Change
  • [2] Ponemon Institute, Cost of Cyber Crime Study: United States 2013
  • [3] Hashed Passwords – Crack The Cred
  • [4] Important Information – Office Passwort Reset
  • [5] Reducing the Effectiveness of Pass-the-Hash

Tags

  • administrative privileges
  • Adobe Flash Player
  • anti-malware
  • AppGuard
  • Attack Surface
  • Cyber Attack
  • data breach
  • Endpoint Protection
  • maliciuos insider
  • Malware
  • Phishing
  • Principle of least privilege
  • Ransomware
  • Remote Code Execution Vulnerability
  • Separation of Duties
  • strong passwords
  • Two factor Authentication
  • UAC
  • Vulnerability
  • Zero day exploits

Archive

  • July 2019 (1)
  • June 2019 (1)
  • May 2019 (2)
  • April 2019 (1)
  • March 2019 (3)
  • February 2019 (1)
  • January 2019 (2)
  • December 2018 (1)
  • November 2018 (2)
  • October 2018 (2)
  • September 2018 (1)
  • August 2018 (2)
  • July 2018 (1)
  • June 2018 (3)
  • May 2018 (2)
  • April 2018 (3)
  • March 2018 (3)
  • February 2018 (3)
  • January 2018 (3)
  • December 2017 (1)
  • November 2017 (3)
  • October 2017 (6)
  • September 2017 (1)
  • August 2017 (1)
  • July 2017 (5)
  • June 2017 (2)
  • May 2017 (5)
  • April 2017 (4)
  • March 2017 (3)
  • February 2017 (3)
  • January 2017 (2)
  • December 2016 (2)
  • November 2016 (5)
  • October 2016 (8)
  • September 2016 (4)
  • August 2016 (4)
  • July 2016 (6)
  • June 2016 (4)
  • May 2016 (4)
  • April 2016 (5)
  • March 2016 (6)
  • February 2016 (9)
  • January 2016 (7)
  • December 2015 (2)
  • November 2015 (6)
  • October 2015 (4)
  • September 2015 (4)
  • August 2015 (5)
  • July 2015 (6)
  • June 2015 (6)
  • May 2015 (9)
  • April 2015 (8)
  • March 2015 (8)
  • February 2015 (8)
  • January 2015 (10)
  • December 2014 (4)
  • November 2014 (9)
  • October 2014 (9)
  • September 2014 (9)
  • August 2014 (10)
  • July 2014 (10)
  • June 2014 (5)

Blogs I Follow

  • Nathan Gau's SCOM blog
  • Erica Varlese
  • Banter Republic
  • We're all a bit radio rental
  • Gehad's Journey

Subscribe

RSS Feed

Advertisements
Create a free website or blog at WordPress.com.
Nathan Gau's SCOM blog

Delivering a cure for insomnia since 2015 (and the occasional useful article).

Erica Varlese

a marriage of yoga, crossfit, and travel

Banter Republic

It's just banter

We're all a bit radio rental

Rae Raes World... Under Construction...

Gehad's Journey

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
%d bloggers like this: