Controlling Privileged Access

 

According to Paul Lanzi, Co-Founder and COO of Remediant, the last time something new was launched in the privileged access arena was in 1999. While the threat landscape has evolved significantly, the advancements to combat those threats have been nonexistent.

Remediant is here to change that. 

 

Lanzi and Timothy Keeler, Co-Founder and CEO, worked together in information security for over a decade and they found that the solutions available in the market place “just weren’t sufficient.” So they built their own solution — SecureONE. This platform controls privileged access across a company’s systems network.

And yet, according to Lanzi, “most companies have no idea what the distribution of privileged access is in their ecosystem.”

In order to provide organizations with control over their privileged access, Remediant offers two main services with SecureONE: Continuous inventory to find where privileged access is distributed in the ecosystem, and secondly, gives companies the tools to lock down privileged access and ensure a minimal privileged state across the ecosystem.

Watch the interview below as Lanzi talks in detail about the founding of Remediant, problems with privileged access and working with Lockheed Martin.

After well over a decade on the Security Incident Response team at Genetech, then later Roche, Keeler served as a security consultant before teaming up with Lanzi to create Remediant. Keeler holds multiple certifications including: US Department of Defense Level 3 8750 IAT and 8750 IAM Management, GX Security Leadership, and Certified Computer Forensics Examiner.

Recognizing the lack of solutions to privileged access risks, that weren’t just password vaults, Keeler and Lanzi turned their attention to creating their own. What followed was SecureONE — a platform that Keeler says is easy to use, features continuous monitoring, and requires that all actions are done with users’ own identities.

Of course, while risky, privileged access isn’t necessarily bad. Internal teams need such access to do their jobs within organizations’ systems. However, Keeler says “IT administrators typically have 24/7 access to seemingly everything on the network, even though they are often only required to use one or two servers per day.” SecureONE is constructed to make it easy to limit privilege access time, granting access to administrators’ individual accounts on an as-needed basis.

All critical infrastructure should be kept in a “zero-privilege model.” This means no one can log into systems unless they go through a two-factor authentication check. When “Protect Mode” is enabled, all administrative access is blocked. Specific administrators can be granted access to perform actions on the system such as service patching or troubleshooting.

Should internal or external attackers attempt to login, their login attempt information is collected by SecureONE. The platform can then detect potentially malicious activity and halt the login, even if the attacker is using valid credentials.

In the interview below, Keeler explains SecureONE in depth, including how the platform blocks insider threats and scans over a 100,000 hosts in under five minutes.

After Keeler explained the concept behind the solution of SecureONE, he demoed the platform for us. He shows us the visibility gained from the SecureONE dashboard, which includes a log of the systems and the users with access to each of the systems.

We enjoyed the opportunity to host Paul Lanzi and Timothy Keeler of Remediant to discuss privileged access on our show, Access Point.''

Source: https://blog.pentesteracademy.com/remediant-controlling-privileged-access-e25adeb3e93e