BeyondTrust, the leading cybersecurity company dedicated to preventing privilege misuse and stopping unauthorised access, has announced the availability of PowerBroker for Windows version 7.4. This newest release of PowerBroker for Windows introduces new capabilities to break a critical link in the Attack Chain: lateral movement.
Most data breaches happen as a result of an attacker leveraging an exploitable vulnerability or insecure credentials to gain unwanted access to a network. Once they gain access, they target users and accounts to elevate privileges in order to move laterally and achieve their ultimate end. In fact, according to the 2017 Verizon Data Breach Investigations Report, 81% of breaches leveraging hacking techniques (misconfigurations, vulnerabilities, or exploits) leveraged stolen or weak passwords as a tactic, up from 63% in 2016. Further, breaches are taking organisations months and sometimes years to detect. These two trends point to an even greater need for organisations to eliminate excessive user permissions on endpoints.
PowerBroker for Windows version 7.4 helps organisations monitor and prevent lateral movement and is:
- Flexible – New rules help IT administrators identify suspicious access and activity and monitor and audit sessions for unauthorised access or changes to files and directories.
- Actionable – IT administrators can either flag the activity or prevent the user from issuing potentially malicious commands. This reduces the attack surface by removing administrator rights from end-users and employing fine-grained policy controls for all privileged access, without disrupting productivity.
- Measurable – PowerBroker for Windows includes reports on lateral and suspicious activity by user to measure the end results and effectiveness of the technology.
“While security information and event management (SIEM) solutions are used by organisations to track all events and activity throughout the network, these solutions are typically not user-based down to the desktop nor proactive,” said Morey Haber, Chief Technology Officer at BeyondTrust. “With PowerBroker for Windows version 7.4, rules can be proactively set to monitor users anywhere whether at home, office, or travelling and also prevent users with lower level privileges from attempting to compromise credentials or perform inappropriate lateral movement – both signs of a potential attack.”
PowerBroker for Windows is part of the PowerBroker Endpoint Privilege Management Solution that combines best-in-class privilege, password and vulnerability management on top of a centralised reporting and analytics platform. As a result, global organisations of all sizes can efficiently and proactively reduce their privilege attack surface, prevent lateral movement by attackers and actively detect and respond to in-progress breaches.
PowerBroker for Windows 7.4 is available now.
Click below to share this article