Q1. BeyondTrust's latest Microsoft Vulnerability Report identified elevation of privilege issues as the top category of vulnerabilities in Microsoft products in 2021, as they were in 2020. What are the implications of this trend for enterprise organizations? How, if at all, should they be adjusting their priorities to address the issue?
While vulnerabilities exist in every organization, the prioritization for remediation has been a constant struggle for decades. Determining which ones are the most critical, which ones can be mitigated, and which ones are an acceptable risk requires insights into an environment and details on the vulnerability and potential exploitation. While an organization can make risk decisions based on the environment, more information about the risk will help determine the best outcome for the business.
The Microsoft Vulnerability Report for 2022 helps address the gap in vulnerability information to make these decisions. The knowledge that elevation of privileges continues to be the most prevalent category for vulnerabilities, and that other statistics prove faults in browser technology and applications are the primary attack vector for exploitation, helps organizations make sound risk decisions for remediation, mitigation, and risk acceptance. Without this knowledge, trends in vulnerability classification are not considered when building your risk mitigation and prioritization strategy within a business.
Q2. How do zero-trust models impact privileged access management?
The primary purpose of zero trust, regardless of the model, is to ensure separation of the control and data planes for continuous authentication and behavioral monitoring. When this is applied to Privileged Access Management, the most sensitive accounts in an environment are managed with strict controls to ensure that all activity is appropriate when applied to the most sensitive assets and data within an enclave.
The difference between this implementation and activity with standard user accounts is worth noting. When Zero Trust is applied using the principles of PAM, the following characteristics can be implemented to strengthen authentication models: secrets (including passwords) are managed, rotated, and obfuscated from end users; dynamic enforcement of least privilege can be implemented based on environmental attributes; and remote access into the data plane can be managed by session, activity, and for federated and unfederated identities. Zero Trust and Privileged Access Management together ensure that the most sensitive accounts in an organization are protected with the best strategies that identity and access management technology can offer.
Q3. What are BeyondTrust's plans at Black Hat USA 2022? What is your company's main messaging at the event?
At Black Hat, BeyondTrust will demonstrate that it is the worldwide leader in Privileged Access Management, offering the most seamless approach to preventing data breaches related to stolen credentials, misused privileges, and compromised remote access. BeyondTrust solutions empower organizations to easily scale privilege security as threats evolve across endpoint, server, cloud, DevOps, network, and the need for remote access in a work-from-anywhere world. BeyondTrust unifies the industry’s broadest set of privileged access capabilities with centralized management, reporting, and analytics, enabling leaders to take decisive and informed actions to defeat threat actors.
With these in mind, BeyondTrust will discuss a new book called Cloud Attack Vectors, the fourth in the Attack Vector series from Apress Media and author Morey Haber, CSO at BeyondTrust, covering the latest attack vectors and mitigation strategies to protect the cloud and hybrid cloud environments from malicious activity.