BeyondTrust, profile picture
Uploaded byBeyondTrust
PDF, PPTX913 views

Defense in Depth: Implementing a Layered Privileged Password Security Strategy

The document discusses the concept of 'defense in depth' in the context of privileged password security, emphasizing the importance of layered security strategies tailored to the specific risks and types of privileged accounts. It introduces PowerBroker password management solutions that automate the management of passwords and session activities, enhancing security through adaptive workflow controls and real-time monitoring. The document also highlights market validation for BeyondTrust's privileged access management solutions, showcasing its leadership in the industry based on various independent evaluations.

Embed presentation

Download as PDF, PPTX
Defense in Depth: Implementing a Layered Privileged Password Security Strategy Nick Cavalancia Techvangelism
You already believe in layers • A visitor to your building • Access to a file • Remote Connectivity
What are you doing today? • Password vault? • Spreadsheet? • Accountability? How are you protecting privileged passwords?
Layering security over priv. passwords ******
Do you need all those layers? • In short, no. • Privileged accounts aren’t all alike • Layered strategy can’t be either
Consider the password risk • Resource access? • External threat damage? • Internal threat damage?
Establishing defense in depth • Layers are a part of IT security • Think layered password protection • Determine the layer/password mix • Identifying password risk
PowerBroker Password Safe v6.0 Martin Cannard – Product Manager
PAM – A collection of best practices AD BridgeAD Bridge Privilege Delegation Privilege Delegation Session Management Session Management Use AD credentials to access Unix/Linux hosts Once the user is logged on, manage what they can do Managed list of resources the user is authorized to access. Gateway proxy capability. Audit of all session activity Password & SSH Key Management Password & SSH Key Management Automate the management of functional account passwords and SSH keys
Comprehensive Security Management ► Secure and automate the process for managing privileged account passwords and keys ► Control how people, services, applications and scripts access managed credentials ► Auto-logon users onto RDP, SSH sessions and apps, without revealing the password ► Record all user and administrator activity (with keystrokes) in a comprehensive audit trail ► Alert in real-time as passwords, and keys are released, and session activity is started ► Monitor session activity in real-time, and immediately lock/terminate suspicious activity Privileged Password Management People Services A2A Privileged Session Management SSH Key Management
Native desktop tool (MSTSC/PuTTY etc.) connects to Password Safe which proxies connection through to requested resource Protected Resources User authenticates to Password Safe and requests session to protected resource RDP/SSH session is proxied through the Password Safe appliance HTTPS RDP / SSH RDP / SSH Password Safe ProxyProxyProxyProxy Privileged Session Management
Differentiator: Adaptive Workflow Control
Adaptive Workflow Control • Day • Date • Time • Who • What • Where
Differentiator: Controlling Application Access
Automatic Login to ESXi example Browser RDP Client ESX RDP (4489) RDP (3389) User selects vSphere application and credentials vSphere RemoteApp Credential Checkout Credential Management User Store Session Recording / Logging HTTPS
Automatic Login to Unix/Linux Applications Typical Use Cases • Jump host in DMZ • Menu-driven Apps • Backup Scripts • Role-based Apps Browser RDP Client SSH (22) SSH (22) User selects SSH application and credentials SSH Application Credential Checkout Session Recording / Logging HTTPS
Differentiator: Reporting & Analytics
Actionable Reporting
Advanced Threat Analytics
What makes Password Safe different? • Adaptive workflow control to evaluate and intelligently route based on the who, what, where, and when of the request • Full network scanning capabilities with built-in auto-onboard capabilities • Integrated data warehouse and analytics capability • Smart Rules for building permission sets dynamically according to data pulled back from scans • Session management / live monitoring at NO ADDITIONAL COST • Clean, uncluttered, and intuitive HTML5 interface for end users
Market Validation • Leader: Forrester PIM Wave, Q3 2016 − Top-ranked Current Offering (product) among all 10 vendors reviewed − “BeyondTrust excels with its privileged session management capabilities.” − “BeyondTrust […] provides the machine learning and predictive behavior analytics capabilities.” • Leadership − Gartner: “BeyondTrust is a representative vendor for all five key PAM solution categories.” − OVUM: “BeyondTrust […] provides an integrated, one- stop approach to PAM… one of only a small band of PAM providers offering end-to-end coverage.” − SC Magazine: “Recommended product.” − … and more from IDC, KuppingerCole, TechNavio, 451Research, Frost & Sullivan and Forrester
DEMO
Poll
Q&A Thank you for attending!

More Related Content

PDF
Network security
bySri Manakula Vinayagar Engineering College
 
PPTX
IoT Security - Preparing for the Worst
bySatria Ady Pradana
 
PDF
Using Your Network as a Sensor for Enhanced Visibility and Security
byLancope, Inc.
 
PDF
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
byShah Sheikh
 
PPTX
Application layer Security in IoT: A Survey
byAdeel Ahmed
 
PPTX
IOT Security FUN-damental
bySatria Ady Pradana
 
PPTX
HIPAA 101 Compliance Threat Landscape & Best Practices
byHostway|HOSTING
 
PPTX
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
bycentralohioissa
 
Network security
bySri Manakula Vinayagar Engineering College
 
IoT Security - Preparing for the Worst
bySatria Ady Pradana
 
Using Your Network as a Sensor for Enhanced Visibility and Security
byLancope, Inc.
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
byShah Sheikh
 
Application layer Security in IoT: A Survey
byAdeel Ahmed
 
IOT Security FUN-damental
bySatria Ady Pradana
 
HIPAA 101 Compliance Threat Landscape & Best Practices
byHostway|HOSTING
 
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
bycentralohioissa
 

What's hot

PDF
CSF18 - Through a Mirror Darkly- a journey to the dark side of metadata - Sas...
byNCCOMMS
 
PDF
FORTIFICATION OF HYBRID INTRUSION DETECTION SYSTEM USING VARIANTS OF NEURAL ...
byIJNSA Journal
 
PPSX
Ids 001 ids vs ips
byjyoti_lakhani
 
PPTX
NGIPS(Next Generation Intrusion Prevention System) in Network security presen...
byUzairAhmad81
 
PDF
Ccna sec 01
byEduclentMegasoftel
 
PDF
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
byShah Sheikh
 
PPT
Ethical Hacking and Penetration Testing
byRishabh Upadhyay
 
PDF
Threat Intelligence Is Like Three Day Potty Training
byPriyanka Aash
 
PPTX
Intrusion detection and prevention system
byNikhil Raj
 
PPTX
SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...
bySWITCHPOINT NV/SA
 
PDF
Securing the Internet from Cyber Criminals
byNarudom Roongsiriwong, CISSP
 
PDF
Behavior-Based Defense in ICS
byDragos, Inc.
 
PPTX
Cyber Attack Survival: Are You Ready?
byRadware
 
PDF
Shah Sheikh / ISACA UAE - Deep Dive on Evasive Malware
byShah Sheikh
 
PPTX
DC970 Presents: Defense in Depth
byIceQUICK
 
PDF
Hunting: Defense Against The Dark Arts
bySpyglass Security
 
PPTX
Clean dns enus
byBruno Guerreiro, COBIT, ITIL, MCSO, LPIC3 Security
 
PPTX
TRISIS in Perspective
byDragos, Inc.
 
PDF
Trisis in Perspective: Implications for ICS Defenders
byDragos, Inc.
 
PPTX
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
byAlienVault
 
CSF18 - Through a Mirror Darkly- a journey to the dark side of metadata - Sas...
byNCCOMMS
 
FORTIFICATION OF HYBRID INTRUSION DETECTION SYSTEM USING VARIANTS OF NEURAL ...
byIJNSA Journal
 
Ids 001 ids vs ips
byjyoti_lakhani
 
NGIPS(Next Generation Intrusion Prevention System) in Network security presen...
byUzairAhmad81
 
Ccna sec 01
byEduclentMegasoftel
 
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
byShah Sheikh
 
Ethical Hacking and Penetration Testing
byRishabh Upadhyay
 
Threat Intelligence Is Like Three Day Potty Training
byPriyanka Aash
 
Intrusion detection and prevention system
byNikhil Raj
 
SOPHOS presentation used during the SWITCHPOINT NV/SA Quarterly Experience Da...
bySWITCHPOINT NV/SA
 
Securing the Internet from Cyber Criminals
byNarudom Roongsiriwong, CISSP
 
Behavior-Based Defense in ICS
byDragos, Inc.
 
Cyber Attack Survival: Are You Ready?
byRadware
 
Shah Sheikh / ISACA UAE - Deep Dive on Evasive Malware
byShah Sheikh
 
DC970 Presents: Defense in Depth
byIceQUICK
 
Hunting: Defense Against The Dark Arts
bySpyglass Security
 
Clean dns enus
byBruno Guerreiro, COBIT, ITIL, MCSO, LPIC3 Security
 
TRISIS in Perspective
byDragos, Inc.
 
Trisis in Perspective: Implications for ICS Defenders
byDragos, Inc.
 
How to Normalize Threat Intelligence Data from Multiple Sources - Tech Talk T...
byAlienVault
 

Viewers also liked

PPTX
Network security - Defense in Depth
byDilum Bandara
 
PDF
NTXISSACSC4 - Layered Security / Defense in Depth
byNorth Texas Chapter of the ISSA
 
PDF
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
byBeyondTrust
 
PDF
defense_in_depth_version_12
byAlen Schulze
 
PPTX
Malware Defense-in-Depth 2.0
byAyed Al Qartah
 
PDF
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
byNetwork Performance Channel GmbH
 
PDF
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
byBob Rhubart
 
PPTX
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
byNicholas Davis
 
PPTX
SABSA Implementation(Part III)_ver1-0
byMaganathin Veeraragaloo
 
PPT
Firewall - Network Defense in Depth Firewalls
byphanleson
 
PDF
Defense In Depth Using NIST 800-30
byKevin M. Moker, CFE, CISSP, ISSMP, CISM
 
PDF
NTXISSACSC4 - Security for a New World
byNorth Texas Chapter of the ISSA
 
PPTX
OSI Layer Security
byNurkholish Halim
 
PPTX
ISO 27001 - information security user awareness training presentation - Part 1
byTanmay Shinde
 
PPTX
ISO 27001 - Information security user awareness training presentation - part 3
byTanmay Shinde
 
PPTX
INFORMATION SECURITY
byAhmed Moussa
 
Network security - Defense in Depth
byDilum Bandara
 
NTXISSACSC4 - Layered Security / Defense in Depth
byNorth Texas Chapter of the ISSA
 
Vulnerability Management: How to Think Like a Hacker to Reduce Risk
byBeyondTrust
 
defense_in_depth_version_12
byAlen Schulze
 
Malware Defense-in-Depth 2.0
byAyed Al Qartah
 
Fortifying Network Security with a Defense In Depth Strategy - IDC Romania preso
byNetwork Performance Channel GmbH
 
Rationalization and Defense in Depth - Two Steps Closer to the Cloud
byBob Rhubart
 
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
byNicholas Davis
 
SABSA Implementation(Part III)_ver1-0
byMaganathin Veeraragaloo
 
Firewall - Network Defense in Depth Firewalls
byphanleson
 
Defense In Depth Using NIST 800-30
byKevin M. Moker, CFE, CISSP, ISSMP, CISM
 
NTXISSACSC4 - Security for a New World
byNorth Texas Chapter of the ISSA
 
OSI Layer Security
byNurkholish Halim
 
ISO 27001 - information security user awareness training presentation - Part 1
byTanmay Shinde
 
ISO 27001 - Information security user awareness training presentation - part 3
byTanmay Shinde
 
INFORMATION SECURITY
byAhmed Moussa
 

Similar to Defense in Depth: Implementing a Layered Privileged Password Security Strategy

PDF
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
byBeyondTrust
 
PPTX
Sweden dst tpam 2014
byRonny Stavem
 
PDF
The hacker playbook: How to think and act like a cybercriminal to reduce risk...
byPaula Januszkiewicz
 
PDF
Privileged Access Management
byHitachi ID Systems, Inc.
 
PDF
Gartner Security & Risk Management Summit 2018
byPaula Januszkiewicz
 
PPT
e-DMZ Products Overview
byDell
 
PDF
Stop the Evil, Protect the Endpoint
byBeyondTrust
 
PPTX
CyberArk
byJimmy Sze
 
PPTX
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
byBruno Caseiro
 
PDF
Security Breaches from Compromised User Logins
byIS Decisions
 
PDF
8-step Guide to Administering Windows without Domain Admin Privileges
byBeyondTrust
 
PPTX
Super User or Super Threat?
byObserveIT
 
PPTX
Dell Quest TPAM Privileged Access Control
byAidy Tificate
 
PPTX
Asecurity-guidelines_and_best_practices_for_retail_online_and_business_online
bywardell henley
 
PDF
Privileged identity management
byNis
 
PDF
Annual OktCyberfest 2019
byFahad Al-Hasan
 
PDF
Who will guard the guards
byNetwork Intelligence India
 
PDF
Advanced persistent threats
byNetwork Intelligence India
 
PDF
Managing privileged account security
byRaleigh ISSA
 
PDF
Crush Common Cybersecurity Threats with Privilege Access Management
byBeyondTrust
 
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
byBeyondTrust
 
Sweden dst tpam 2014
byRonny Stavem
 
The hacker playbook: How to think and act like a cybercriminal to reduce risk...
byPaula Januszkiewicz
 
Privileged Access Management
byHitachi ID Systems, Inc.
 
Gartner Security & Risk Management Summit 2018
byPaula Januszkiewicz
 
e-DMZ Products Overview
byDell
 
Stop the Evil, Protect the Endpoint
byBeyondTrust
 
CyberArk
byJimmy Sze
 
Reduciendo riesgos a través de controles de acceso, manejo de privilegios y a...
byBruno Caseiro
 
Security Breaches from Compromised User Logins
byIS Decisions
 
8-step Guide to Administering Windows without Domain Admin Privileges
byBeyondTrust
 
Super User or Super Threat?
byObserveIT
 
Dell Quest TPAM Privileged Access Control
byAidy Tificate
 
Asecurity-guidelines_and_best_practices_for_retail_online_and_business_online
bywardell henley
 
Privileged identity management
byNis
 
Annual OktCyberfest 2019
byFahad Al-Hasan
 
Who will guard the guards
byNetwork Intelligence India
 
Advanced persistent threats
byNetwork Intelligence India
 
Managing privileged account security
byRaleigh ISSA
 
Crush Common Cybersecurity Threats with Privilege Access Management
byBeyondTrust
 

More from BeyondTrust

PDF
The 5 Crazy Mistakes IoT Administrators Make with System Credentials
byBeyondTrust
 
PDF
10 Steps to Better Windows Privileged Access Management
byBeyondTrust
 
PDF
Tips to Remediate your Vulnerability Management Program
byBeyondTrust
 
PDF
Sudo Mode (part 2): How Privilege Mistakes could Dismantle your Entire Enterp...
byBeyondTrust
 
PDF
5 Steps to Privilege Readiness (infographic)
byBeyondTrust
 
PDF
Unearth Active Directory Threats Before They Bury Your Enterprise
byBeyondTrust
 
PDF
Securing DevOps through Privileged Access Management
byBeyondTrust
 
PDF
Active Directory Auditing Tools: Building Blocks or just a Handful of Dust?
byBeyondTrust
 
PDF
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
byBeyondTrust
 
PDF
Unix / Linux Privilege Management: What a Financial Services CISO Cares About
byBeyondTrust
 
PDF
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
byBeyondTrust
 
PDF
Mitigating Risk in Aging Federal IT Systems
byBeyondTrust
 
PDF
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
byBeyondTrust
 
PDF
Hacker techniques for bypassing existing antivirus solutions & how to build a...
byBeyondTrust
 
PDF
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
byBeyondTrust
 
PDF
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
byBeyondTrust
 
PDF
Prevent Data Leakage Using Windows Information Protection (WIP)
byBeyondTrust
 
PDF
Enemy from Within: Managing and Controlling Access
byBeyondTrust
 
PDF
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
byBeyondTrust
 
PDF
Managing Unix Accounts in Today's Complex World: Stop the Shadow IT and Be Mo...
byBeyondTrust
 
The 5 Crazy Mistakes IoT Administrators Make with System Credentials
byBeyondTrust
 
10 Steps to Better Windows Privileged Access Management
byBeyondTrust
 
Tips to Remediate your Vulnerability Management Program
byBeyondTrust
 
Sudo Mode (part 2): How Privilege Mistakes could Dismantle your Entire Enterp...
byBeyondTrust
 
5 Steps to Privilege Readiness (infographic)
byBeyondTrust
 
Unearth Active Directory Threats Before They Bury Your Enterprise
byBeyondTrust
 
Securing DevOps through Privileged Access Management
byBeyondTrust
 
Active Directory Auditing Tools: Building Blocks or just a Handful of Dust?
byBeyondTrust
 
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
byBeyondTrust
 
Unix / Linux Privilege Management: What a Financial Services CISO Cares About
byBeyondTrust
 
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
byBeyondTrust
 
Mitigating Risk in Aging Federal IT Systems
byBeyondTrust
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
byBeyondTrust
 
Hacker techniques for bypassing existing antivirus solutions & how to build a...
byBeyondTrust
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
byBeyondTrust
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
byBeyondTrust
 
Prevent Data Leakage Using Windows Information Protection (WIP)
byBeyondTrust
 
Enemy from Within: Managing and Controlling Access
byBeyondTrust
 
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
byBeyondTrust
 
Managing Unix Accounts in Today's Complex World: Stop the Shadow IT and Be Mo...
byBeyondTrust
 

Recently uploaded

PDF
Combinatorial Interview Problems with Backtracking Solutions - From Imperativ...
byPhilip Schwarz
 
PDF
Quantum TechDocs - Technology & Compliance.pdf
byietmsoftware1
 
PDF
The Ultimate Serial Port Detective – Baudowl
byCysinfo Cyber Security Community
 
PDF
6 Hotel Booking Trends You Can’t Ignore in 2025.pdf
byHotelogix
 
PDF
DSD-INT 2025 Thermal and chemical plumes of sea cooling water from PEM platfo...
byDeltares
 
PDF
SWEBOK: the software engineering body of knowledge (SC25 Workshop Research So...
byHironori Washizaki
 
PDF
NYC ACE 12-Nov-2025-Combined Presentation.pdf
byAUGNYC
 
PDF
DSD-INT 2025 From Software to Impact - Water Quality Modelling for the UN Oce...
byDeltares
 
PDF
A Complete Guide to Salesforce for Education.pdf
byVALiNTRY360
 
PPTX
The Sync Strikes Back: Tales from the MOPs Trenches
bybbedford2
 
PDF
A new Vision of Software Sustainability and its Engineering: Reflections and ...
byPatricia Lago
 
PDF
AWS Certified Developer - Associate certificate.pdf
byGabriellaSantosRodri
 
PPTX
Key Benefits of Odoo Customization Services
byCandidRoot Solutions Private Limited
 
PDF
The Evolution of Project Portfolio Management - What Modern PMOs Are Doing Di...
byOnePlan Solutions
 
PDF
2025_11_19 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PDF
Threat Hunting with Garuda: From Manual Analysis to AI-Driven Hunting By Monn...
byCysinfo Cyber Security Community
 
PDF
Hyperon Chain – Smart Contract Security Audit Report by EtherAuthority
byEtherAuthority1
 
PDF
AI/ML Infra Meetup | Unlock the Future of Generative AI: TorchTitan's Latest ...
byAlluxio, Inc.
 
PDF
DSD-INT 2025 The Singapore Regional Model in Delft3D FM - Zijl
byDeltares
 
PDF
How Integrating Copilot and AI Agents in Microsoft Dynamics 365
byTechWize
 
Combinatorial Interview Problems with Backtracking Solutions - From Imperativ...
byPhilip Schwarz
 
Quantum TechDocs - Technology & Compliance.pdf
byietmsoftware1
 
The Ultimate Serial Port Detective – Baudowl
byCysinfo Cyber Security Community
 
6 Hotel Booking Trends You Can’t Ignore in 2025.pdf
byHotelogix
 
DSD-INT 2025 Thermal and chemical plumes of sea cooling water from PEM platfo...
byDeltares
 
SWEBOK: the software engineering body of knowledge (SC25 Workshop Research So...
byHironori Washizaki
 
NYC ACE 12-Nov-2025-Combined Presentation.pdf
byAUGNYC
 
DSD-INT 2025 From Software to Impact - Water Quality Modelling for the UN Oce...
byDeltares
 
A Complete Guide to Salesforce for Education.pdf
byVALiNTRY360
 
The Sync Strikes Back: Tales from the MOPs Trenches
bybbedford2
 
A new Vision of Software Sustainability and its Engineering: Reflections and ...
byPatricia Lago
 
AWS Certified Developer - Associate certificate.pdf
byGabriellaSantosRodri
 
Key Benefits of Odoo Customization Services
byCandidRoot Solutions Private Limited
 
The Evolution of Project Portfolio Management - What Modern PMOs Are Doing Di...
byOnePlan Solutions
 
2025_11_19 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
Threat Hunting with Garuda: From Manual Analysis to AI-Driven Hunting By Monn...
byCysinfo Cyber Security Community
 
Hyperon Chain – Smart Contract Security Audit Report by EtherAuthority
byEtherAuthority1
 
AI/ML Infra Meetup | Unlock the Future of Generative AI: TorchTitan's Latest ...
byAlluxio, Inc.
 
DSD-INT 2025 The Singapore Regional Model in Delft3D FM - Zijl
byDeltares
 
How Integrating Copilot and AI Agents in Microsoft Dynamics 365
byTechWize
 

Defense in Depth: Implementing a Layered Privileged Password Security Strategy

  • 1.
    Defense in Depth: Implementinga Layered Privileged Password Security Strategy Nick Cavalancia Techvangelism
  • 2.
    You already believein layers • A visitor to your building • Access to a file • Remote Connectivity
  • 3.
    What are youdoing today? • Password vault? • Spreadsheet? • Accountability? How are you protecting privileged passwords?
  • 4.
    Layering security overpriv. passwords ******
  • 5.
    Do you needall those layers? • In short, no. • Privileged accounts aren’t all alike • Layered strategy can’t be either
  • 6.
    Consider the passwordrisk • Resource access? • External threat damage? • Internal threat damage?
  • 7.
    Establishing defense indepth • Layers are a part of IT security • Think layered password protection • Determine the layer/password mix • Identifying password risk
  • 8.
    PowerBroker Password Safe v6.0 MartinCannard – Product Manager
  • 9.
    PAM – Acollection of best practices AD BridgeAD Bridge Privilege Delegation Privilege Delegation Session Management Session Management Use AD credentials to access Unix/Linux hosts Once the user is logged on, manage what they can do Managed list of resources the user is authorized to access. Gateway proxy capability. Audit of all session activity Password & SSH Key Management Password & SSH Key Management Automate the management of functional account passwords and SSH keys
  • 10.
    Comprehensive Security Management ►Secure and automate the process for managing privileged account passwords and keys ► Control how people, services, applications and scripts access managed credentials ► Auto-logon users onto RDP, SSH sessions and apps, without revealing the password ► Record all user and administrator activity (with keystrokes) in a comprehensive audit trail ► Alert in real-time as passwords, and keys are released, and session activity is started ► Monitor session activity in real-time, and immediately lock/terminate suspicious activity Privileged Password Management People Services A2A Privileged Session Management SSH Key Management
  • 11.
    Native desktop tool(MSTSC/PuTTY etc.) connects to Password Safe which proxies connection through to requested resource Protected Resources User authenticates to Password Safe and requests session to protected resource RDP/SSH session is proxied through the Password Safe appliance HTTPS RDP / SSH RDP / SSH Password Safe ProxyProxyProxyProxy Privileged Session Management
  • 12.
  • 13.
    Adaptive Workflow Control •Day • Date • Time • Who • What • Where
  • 14.
  • 15.
    Automatic Login toESXi example Browser RDP Client ESX RDP (4489) RDP (3389) User selects vSphere application and credentials vSphere RemoteApp Credential Checkout Credential Management User Store Session Recording / Logging HTTPS
  • 16.
    Automatic Login toUnix/Linux Applications Typical Use Cases • Jump host in DMZ • Menu-driven Apps • Backup Scripts • Role-based Apps Browser RDP Client SSH (22) SSH (22) User selects SSH application and credentials SSH Application Credential Checkout Session Recording / Logging HTTPS
  • 17.
  • 18.
  • 19.
  • 20.
    What makes PasswordSafe different? • Adaptive workflow control to evaluate and intelligently route based on the who, what, where, and when of the request • Full network scanning capabilities with built-in auto-onboard capabilities • Integrated data warehouse and analytics capability • Smart Rules for building permission sets dynamically according to data pulled back from scans • Session management / live monitoring at NO ADDITIONAL COST • Clean, uncluttered, and intuitive HTML5 interface for end users
  • 21.
    Market Validation • Leader:Forrester PIM Wave, Q3 2016 − Top-ranked Current Offering (product) among all 10 vendors reviewed − “BeyondTrust excels with its privileged session management capabilities.” − “BeyondTrust […] provides the machine learning and predictive behavior analytics capabilities.” • Leadership − Gartner: “BeyondTrust is a representative vendor for all five key PAM solution categories.” − OVUM: “BeyondTrust […] provides an integrated, one- stop approach to PAM… one of only a small band of PAM providers offering end-to-end coverage.” − SC Magazine: “Recommended product.” − … and more from IDC, KuppingerCole, TechNavio, 451Research, Frost & Sullivan and Forrester
  • 22.
  • 23.
  • 24.