Privileged Identity Management Solution Provider for the Hybrid Cloud Recognized as Gold Winner for Best Security Software and Bronze Winner for Best New Product
Herndon, VA – May 24, 2013 – Xceedium, the premier provider of privileged identity management for the hybrid cloud, today announced that Network Products Guide has named the company’s new Xsuite® for VMware vSphere®, the Gold Winner in the category of Best Security Software. In addition, the product also was recognized as a Bronze Winner in the category of Best New Product. The Network Products Guide Hot Companies and Best Products Awards honor the best in organizational performance, innovations, products, and services from every facet of the IT industry. Winners were announced during the eighth annual dinner in Las Vegas on Tuesday, May 7, 2013.

“Being recognized at the top of the category among so many worthy solutions is a testament to the innovation and engineering team behind Xsuite,” said Glenn Hazard, Xceedium CEO. “As our customers continue to adopt hybrid-cloud architectures, we have significantly enhanced Xsuite to meet their next-generation security and compliance requirements. This selection by Network Products Guide further demonstrates our dedication to staying at the forefront of privileged identity management, and we have no intention of slowing down.”

Xsuite’s new VMware vSphere extension drove Network Product Guide’s selection of Xceedium as the Gold Winner in the Best Security Software category. Xceedium’s Xsuite vaults privileged passwords and other credentials, and then controls access and monitors and records privileged user sessions. Xsuite for VMware vSphere extends Xsuite’s privileged identity management controls to both the VMware vCenter Server management console and guest systems running on VMware vSphere.

Xsuite is the first and only privileged identity management solution that protects the entire hybrid cloud, with comprehensive support for traditional data center systems and resources, the Amazon Web Services cloud platform, and virtual environments. It prevents damage and loss while generating alerts and forensic data through complete session monitoring and recording. Xsuite is engineered for highly elastic virtual environments. Tight integration with vSphere allows Xsuite to automatically discover and apply privileged user access controls over new virtual machines as they appear.

For more information about Xceedium and their award-winning Xsuite, please contact us at: marketing@quantiqint.com Tel:6746 8696

FireEye: Leader in Stopping Advanced Targeted Attacks

Despite the over $20 billion invested in IT security technology, countless enterprises and government agencies have fallen victim to cyber attacks of incredible sophistication and complexity.

This all points to the singular resounding reality: the next generation of cyber attacks is already here.

In the Definitive Guide to Next-Generation Threat Protection, Steve Piper, CISSP, dissects today’s new breed of cyber attacks and how to fill the gap in network defenses in the battle against them.

Download the Definitive Guide to Next-Generation Threat Protection to learn about:

-The staggering statistics on major data breaches and the typical costs associated with them.
-The “ripple effect” of a successful APT attack on critical infrastructure.
-Next-generation threat protection (NGTP) as the innovative, new network security platform poised to win the war against next-generation cyber threats.
-Selecting the right NGTP solution for your organization.

Definitive Guide To Next Generation Threat Protection eBook is here

About FireEye
FireEye is the leader in stopping the new breed of cyber attacks, such as advanced malware, that easily bypass traditional signature-based defences and compromise the majority of enterprise networks. The FireEye solutions supplement traditional and next-generation firewalls, IPS, anti-virus, and gateways, which cannot stop advanced threats, leaving security holes in networks.

Today we have opened up much more channels to work, communicate and run businesses than we did years ago, which also allows much more attack vectors for the cyber criminals. The rapid growth of social media, the BYOD evolution, the mobility and the ubiquity of cloud services are just pleasing the eyes of cyber-criminals when they are building an era of next-generation cyber-attacks. At the same time the business model of trading zero-day exploits and vulnerabilities in the black market is also crafting the current security landscape.

An era of Cyber-terrorism or cybercrime sounds ominous, with the recent news about breached enterprises and governments. But that doesn’t mean it unavoidable for organizations. Many well-respected IT security vendors, institutes and experts have mentioned about a direction towards “pro-active” approach to tackle organized cybercrimes and on how to stay protected in times of cyber-war. All these events are suggesting that this is an era where organization should know about an attack before it happens. And it cannot be achieved without strong security policy, proper process and procedure, compliance, visibility and most importantly, a strategy which is based on a lean-forward, proactive approach. It is time to think differently.

Article Written by:
Jayden AUNG,
Security Consultant
Security Solution Division

The theft, misuse and exploitation of privileged accounts is becoming an increasingly key tactic in each phase of an advanced persistent threat (APT) attack cycle, according to security firm Cyber-Ark.

“Many high-profile breaches, including those at RSA and the US Chamber of Commerce, have involved the exploitation of privileged or administrator accounts,” said Udi Mokady, chief executive of Cyber-Ark.

“Once the security perimeter is breached through phishing or other similar simple techniques, attackers typically take over privileged accounts to move around the company network,” he told Computer Weekly.

These accounts are the most sought after because they enable attackers to erase their digital footprints, install back doors, erase logs, and gain access to highly sensitive information without being detected.

“Once inside, privileged accounts provide a golden path to accessing data and remaining undetected for long periods of time,” said Mokady.

The Mandiant report in February into Chinese cyber attacks against 141 organisations around the world showed that 90% involved the takeover of privileged accounts.

“This provides a strong indicator that protecting these accounts needs to be about more than meeting minimum compliance standards; it has become a critical way to protect data assets,” said Mokady.

“We need to assume that the attackers are inside our networks right now and proceed accordingly by blocking the pathways they’re travelling to access and steal our sensitive data,” he said.

However, relatively few organisations understand the importance of hardening these accounts, mainly because they greatly underestimate the number and power of these accounts, he said.

The number of privileged accounts in an organisation is typically three to four times greater than the number of employees, as each firewall, database and virtual machine will have an admin account.

One of the biggest challenges for organisations is to find all the privileged accounts that exist in their IT infrastructure.

“Only once an organisation has a sense of the scope of the problem can it begin setting policies and enforcing them to provide secure access control,” said Mokady.

The third important element to taking a more proactive approach to the problem is to ensure constant monitoring to track who accesses what assets and for what reason.

“In this way, firms can adopt a least-privilege approach to ensure employees can access only what they need for their job, and to more easily identify rogue employees and network intrusions,” said Mokady.

As awareness of this problem is growing, so is the adoption of access control and monitoring systems, he said, with the financial, energy, public and retail sectors typically leading the way in most countries.

Organisations in these sectors are increasingly demanding the capacity to ensure separation of duties, dual approval processes, and two-factor authentication to minimise abuse of privileged accounts.

Image: Thinkstock

Phishing. It’s a problem; we can all agree on that. Normally we’re talking about APTs in relation to this: really sophisticated long-term attacks that enter at one seemingly unrelated vector only to work their way up the chain of command to get at the heart of your most important data. Frequently APTs use phishing, malware, and social engineering to accomplish their goal of reaching those all-important admin names and passwords, in the following instance it was just one of those vectors.

Some middle school students in Alaska actually phished for administrator privileges. The students used the credentials to obtain access and to control fellow classmates’ PCs. Why the accounts weren’t locked down is a mystery, but I hope people can take a professional lesson from this. Secure your privileged accounts – make it a priority. It’s so easy to get phished, a kid can do it.

If you need to get a handle on how many privileged accounts you currently have and where they exist, you can get a free risk assessment with Cyber-Ark DNA.

NEWTON, Mass. – April 24, 2013 – Organizations can significantly reduce the threat of targeted attacks by proactively securing privileged accounts, according the first APT Privileged Account Exploitation research report. Compiled by CyberSheath’s advanced security investigations team and commissioned by Cyber-Ark, the report reveals that the theft, misuse and exploitation of privileged accounts is a key tactic in each phase of an Advanced Persistent Threat (APT) attack cycle.
CyberSheath’s APT Privileged Account Exploitation report compiles interviews with leading CISOs and security professionals at organizations that collectively have more than $40 billion in annual revenues and more than 170,000 employees around the globe. CyberSheath combined these interviews with the analysis of several high-profile cyber attacks and related industry research from the past year to detail how privileged accounts are increasingly being used in advanced and targeted attacks to compromise organizations and steal data.
Key Findings of the APT Privileged Account Exploitation Research Report
• The Compromise of Privileged Accounts was a Crucial Factor in 100 Percent of Advanced Attacks
• Attacks That Use Privileged Accounts are More Difficult to Detect, Shut Down and Remediate
• Attacks That Exploit Privileged Accounts are More Damaging and Expensive
• Properly Secured Privileged Accounts Can Significantly Reduce APT Exposure:
Best Practices for Preventing APT Privileged Account Compromise
• Isolate, monitor and control every access point to all critical business systems
• Change default passwords on all servers, databases, applications and network devices
• Remove hard-coded passwords from scripts, configuration files and applications
• Employ technical means of automatically enforcing enterprise password policies
• Control access by enforcing least privilege
• Use multifactor authentication for access to privileged accounts
• Increase password complexity
• Use a unique password for each local administrator account
• Remove local administrator rights from the majority of users
• Reduce the number of privileged domain-wide service accounts
• Automatically change passwords on a periodic basis and immediately upon suspicion of misuse
• Monitor and record all activities associated with administrative and privileged accounts
• Implement tamper-proof logging, auditing, and alerting on privileged access

A full copy of the report can be accessed here.

Supporting Quotes:
“The theft and exploitation of privileged accounts is a critical and devastating part of the APT attack cycle. These accounts provide wide ranging access in the enterprise and enable attackers to easily simulate normal business traffic, making infiltrations extremely difficult to detect. Our examination showed that almost every major cyber-incident in the past couple of years involved privileged accounts. The protection, accountability and management of privileged accounts are the very first steps organizations need to take to stop targeted attacks.”
- Eric Noonan, CEO, CyberSheath

“Privileged accounts have typically been viewed as the powerful IT administrator or super-user accounts. This old notion ignores the reality that the use of privileged accounts has expanded significantly throughout the enterprise. Privileged accounts also include default and hardcoded passwords, as well as application backdoors. These accounts exist everywhere – in servers, network devices, applications and more. Security needs to start with identifying and securing every one of these powerful accounts and automating the controls around them. Cyber-attackers know these weak spots exist and will do anything to gain access. By cutting off the means for attackers to travel freely and hide their tracks, organizations can reduce the APT threat.”
- John Worrall, CMO, Cyber-Ark

Free Privileged Account Security Risk Assessment: http://www.cyber-ark.com/landing-pages/dna/index.asp

About Cyber-Ark
Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, sessions, applications and sensitive information to improve compliance, productivity and protect organizations against insider threats and advanced external threats. With its award-winning Privileged Identity Management, Privileged Session Management and Sensitive Information Management Suites, organizations can more effectively manage and govern data center access and activities, whether on-premise, off-premise or in the cloud, while demonstrating returns on security investments. Cyber-Ark works with more than 1,200 customers, including more than 40 percent of the Fortune 100. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, please visit www.cyber-ark.com.
# # #
Copyright © 2013 Cyber-Ark Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.

Privileged Identity Management Solution Provider for the Hybrid Cloud Recognized for Best Security Software and Best New Product

Herndon, VA – April 30, 2013 – Xceedium, the premier provider of privileged identity management for the hybrid cloud, today announced its selection as a finalist in Network Product Guide’s 2013 Hot Companies and Best Products Awards within the Best Products Security Software and Best New Product categories. The Network Product Guide Awards honor the best in organizational performance, innovations, products and services from every facet of the IT industry. Winners will be announced during the 8th annual dinner in Las Vegas on Tuesday, May 7th, 2013.

Network Product Guide’s selection of Xceedium as a finalist in the Best Product Security Software and Best New Product categories was driven by the company’s new Xsuite for VMware vSphere, an extension of Xceedium’s flagship Xsuite platform. Xceedium’s Xsuite prevents privileged users–both employees and third parties–from harming critical systems and data. Xsuite for VMware vSphere extends Xsuite privileged identity management controls to both the VMware vCenter Server management console and guest systems; as well as other virtual infrastructure.

Xsuite is the first and only privileged identity management solution protecting the entire hybrid cloud, including comprehensive support for traditional data center systems and resources; the Amazon Web Services cloud platform; and virtual environments. It prevents damage and loss while generating alerts and forensic data through complete session monitoring and recording. Xsuite is engineered for highly elastic virtual environments–tight integration with vSphere allows Xsuite to automatically discover and apply privileged user access controls over new virtual machines, as they appear.

“Xsuite’s selection as a finalist further validates its position as the only next generation privileged identity management platform capable of meeting the demanding security and compliance requirements our enterprise customers encounter as they adopt hybrid cloud architectures,” said Glenn Hazard, Xceedium CEO. “I am confident that our team will continue to build on this momentum and industry recognition and continue to provide our customers with the most innovative solutions in the market.”

SRA is designed for use by security personnel and external auditors responsible for helping large enterprises identify and address IT security risk and compliance issues. SRA is curently available for free to any qualified user upon qualification by an SSH solutions consultant.

What SRA can do for you:
Risk Reporting:
•Generate a report to identify:
•Total amounts of keys and related users
•Host OS platforms and SSH versions
•Known and unknown trust-relationships
•Amount of root authorizations
•User keys without command restrictions
•User keys without source address or host
•Scan environment for SSH user and host keys •Duplicate/shared private keys
•Private keys without passphrase protection
•Key age, algorithms and lengths
•User keys in non-root owned directories and writable by non-root users.
•Reachability analysis to determine potential damage due to a compromised private key

Compare findings with:
•Current IAM tracking to identify undocumented and/or unauthorized keys
•SSH version and access policies
•Key cryptography policies
•Key rotation practices

Compliance Reporting:
•SOX DS 5.8 Cryptographic key management for secure key storage and revocation
•HIPAA Information Access requirements for key protection, strength, age, access and audit
•NIST/FISMA section C.2.2 requirements for structured and documented process for key allocation, distribution and tracking. Key algorithm enforcement and tracking
•NERC CIP-007-4 R5 Account Management requirements
•PCI section 8.5.x access controls (SSH under consideration for PCI V3)

Technical Specifications

Supported platforms for scanning
• HP-UX 11iv1, 11iv2, 11iv3
•IBM AIX 5.3, 6.1, 7.1
•Oracle Solaris 9, 10, 11 (SPARC)
•Oracle Enterprise Linux 5.4, 5.5, 5.6, 5.7
•Red Hat Enterprise Linux 4, 5, 6
•SUSE Linux Enterprise Server 10, 11

Supported SSH versions
•Tectia 6.0 or newer
•OpenSSH 4.0 or newer

System dependencies for scanning
•All scanned system must have Perl 5.6 or later installed

Supported platform for analysis tool
•Linux x86-64

Contact us if you would like more information for this: marketing@quantiqint.com

Named the SSH Risk Assessor (SRA), the company claimed that it identifies an organisation’s compliance status with relevant standards, assesses actions needed to achieve compliance and provides an understanding of the current state of the SSH environment.

According to the company, the free tool enables internal and external audit and security teams to collect SSH key information across the environment and provide an assessment of risk exposure. The tool highlights known vulnerabilities in the environment, basic statistics on SSH keys deployed and specific violations of current best practices.

Tatu Ylönen, CEO and founder of SSH Communications Security, told SC Magazine that the current state of SSH key management is so bad that it is currently welcoming comment on its draft document around best practice for this technology.

He said: “SRA provides an easy way for enterprises and government agencies to determine if there are risk and compliance issues with respect to who has access to what information in their SSH environment.”

He said that this will create a script to run on each server to analyse it and build a picture of the servers to let users know how many keys they have and help them build a remediation project.

“It is a free tool to show what your situation is without having to make any modifications to your systems,” he said. “It is free now to auditors and eventually we will make it free to everyone.”

In Biology, DNA encodes the genetic instructions used in the development and functioning of all known living organisms. DNA is found in every living cell and is the foundation for control over the organism.

The same could be said about privileged and administrative accounts in the enterprise. These powerful accounts are at the root of almost every enterprise function and exist throughout the IT infrastructure. These accounts are found on desktops, laptops, databases, applications, network devices, and throughout cloud deployments.

Organizations want to manage these powerful accounts in order to minimize the associated risk of leaving them unattended constituting critical points of attack on the organization. However, often organizations are not aware just how many privileged accounts they have or where they exist. Since this information is scattered across the organization there is a real challenge to attain a true picture as to the status of privileged accounts.

This is why Cyber-Ark recently introduced Cyber-Ark DNA™ (Discovery & Audit) – the industry’s first stand alone solution that rapidly locates all privileged, shared and generic accounts without having to install anything on target machines.

Identifying privileged accounts has traditionally been a manual process – taking hundreds of hours of time from IT and creating a long and complex audit process. Given the number and variety of privileged accounts, identifying these accounts manually and gaining an accurate picture when they were last changed or used, has been impossible. Cyber-Ark DNA is the Watson/Crick of the Privileged Account Genome – enabling organizations to expose the magnitude of the privileged account security risk within their organization and get accurate insight into the compliance status of these accounts in preparation for the next audit.

Identifying the Privileged Pathway

Cyber-Ark is currently offering businesses the opportunity to use Cyber-Ark DNA for a free self-assessment to discover where their privileged accounts – and risk – exist.

One customer, who wished to remain anonymous, recently used Cyber-Ark DNA and made some startling discoveries. The company was looking for a solution to manage privileged domain accounts. Cyber-Ark DNA was run on about 100 servers. This included servers that were part of the company’s effort to outsource some IT functions.

Cyber-Ark DNA discovered two things across these servers:
Some of the servers scanned had unmanaged admin accounts created by the IT outsourcer and had not been changed for more than 200 days, despite being used recently which presented a tremendous security risk;
Employees who had left the company created personal admin accounts which was a substantial audit finding

This discovery led to significant policy changes for the organization and put the management of local admins on a much higher priority level.

Why is this important? Privileged accounts are increasingly being used as high value attack points in almost every advanced attack, and were the root cause of breaches such as Saudi Aramco, Stuxnet, Red October, Subway Restaurants, Global Payments, the Utah and South Carolina breaches, and the U.S. Department of Energy among others.

Every privileged account is a potential attack point. Unmanaged and unprotected privileged accounts are a white flag to cyber-attackers that indicates your intellectual property and sensitive data is open for business.

Learn more about Cyber-Ark DNA and get a free assessment