To all but a small percentage of people, there is no real difference between identity management and access management because very few people need to understand the distinctions. Or at least, they don’t realize that they need to understand how the two concepts are dissimilar. They are related, but decidedly not the same thing.
Earlier this month, when the report about the intel chip flaws went public, most of the tech giants such as Microsoft, Google, IBM, and Apple started rolling out patches for the bugs named “Meltdown and Spectre.” Even though much information has been generated about the potential vulnerabilities that could be caused by these flaws since they are uncovered, the full extent of the security impact to an organization’s ecosystem is still uncertain. One possible use of the (still hypothetical) exploitation of these bugs is the breach of privileged credentials from kernel memory which we will focus to explore in this article.
Remediant founders Tim Keeler and Paul Lanzi were invited to Pentester Academy on Feb 1, 2018, to talk about the problems with current privileged access products in the market, the solution they implemented at Lockheed Martin, and the reasons why they developed SecureONE.
Patrick Gray: We all know that privileged access management is an absolute pain in the ass - even just figuring out where the privileged accounts live and who is using them… Remediant set out to do something about this.
Today, Remediant joined the likes of f5, Malwarebytes, and RSA as members of the SANS Affiliate Directory. Created in late 2016, the directory “was developed to create a more comprehensive relationship between SANS and cybersecurity vendors, focused on educating and enlightening the SANS community on the latest products, services, and techniques”, said Mary Jo Izzo of the SANS Institute.
Last week LANDESK was the latest company to join the ever-growing list of enterprises breached. As one of the titans of IT Asset Management, this breach is particularly painful - LANDESK’s core product set is focused on protecting IT assets. As reports indicate that LANDESK’s source code/build servers have been compromised, the attack not only jeopardizes employee and LANDESK corporate data -- but potentially the data on all endpoints running LANDESK’s client software.