MANAGING IDENTITIES AND RIGHTS OF ACCESS
With the increase in the volume of IT infrastructure of one company, the daily administration is more complicated. The amount of logs that different security devices generate is too big to manually pass through them, and each failure is expensive.
About the solution
Possible vulnerabilities are many, and the types of malware are numerous and diverse. However, in executing all of these malicious codes, one thing is common – administrative rights. Only with administrator rights malware can do everything for which it is created and achieve the maximum effect in the infected system. Such a weak link in one system actually become people who are in charge of its maintenance. In addition, in large systems it is very difficult to list all the devices and tasks that have administrative rights. The company Cyberark focuses specifically on this problem and provides a variety of security solutions and privileged account management solutions.
The Enterprise Password Vault solution enables, first of all, the detection of all privileged accounts in the system. This leads to information about whether there are orders in the system that need to be extinguished or their privileges reduced. Once the devices that are controlled by this solution are defined, the administrator can determine the frequency of the password rotation, which will take place automatically, as well as the complexity that it must satisfy.
The Privileged Session Manager (PSM) allows you to monitor the real-time session administrator or record it. This solution is the so-called jump server, which serves the administrator to initiate a session through it to a particular server.
The Application Identity Manager detects all the credentials embedded in the application code and provides the ability to replace them with credentials that it can then rotate. In addition, the integrity of the application based on its characteristics is checked, so that access is limited to authorized applications only.
The Privileged Threat Analytics (PTA) solution proactively looks for indications of compromised accounts in the system. Detecting both deterministic and behavior-based approaches are used, allowing early detection of irregular use of orders.
Another leader in this domain is Wallix with PAM (Privileged Access Management) solution Bastion. Bastion is a management solution for privileged orders, for password management, for managing traceability and compliance with security laws and regulations, a solution for monitoring external and internal unauthorized access to the system, as well as a solution for controlling the operation of industrial security systems.
All functions of this solution are grouped into three modules. The first module, session manager, serves to monitor all the activities in the system and to control access in real time. Through the password manager module, the solution serves to manage passwords and SSH keys through encryption, while Access Manager serves centralized management of privileged approaches through an administrator console.