BeyondTrust PowerBroker for Windows Tracks and Prevents Lateral Movement Within Enterprise Networks
March 2018 by Marc Jacob
BeyondTrust announced the availability of PowerBroker for Windows version 7.4. This newest release of PowerBroker for Windows introduces new capabilities to break a critical link in the Attack Chain: lateral movement.
Most data breaches happen as a result of an attacker leveraging an exploitable vulnerability or insecure credentials to gain unwanted access to a network. Once they gain access, they target users and accounts to elevate privileges in order to move laterally and achieve their ultimate end. In fact, according to the 2017 Verizon Data Breach Investigations Report, 81 percent of breaches leveraging hacking techniques (misconfigurations, vulnerabilities, or exploits) leveraged stolen or weak passwords as a tactic, up from 63 percent in 2016. Further, breaches are taking organizations months and sometimes years to detect. These two trends point to an even greater need for organizations to eliminate excessive user permissions on endpoints.
PowerBroker for Windows version 7.4 helps organizations monitor and prevent lateral movement and is:
• Flexible –New rules help IT administrators identify suspicious access and activity, and monitor and audit sessions for unauthorized access or changes to files and directories.
• Actionable - IT administrators can either flag the activity or prevent the user from issuing potentially malicious commands. This reduces the attack surface by removing administrator rights from end users and employing fine-grained policy controls for all privileged access, without disrupting productivity.
• Measurable – PowerBroker for Windows includes reports on lateral and suspicious activity by user to measure the end results and effectiveness of the technology.
PowerBroker for Windows is part of the PowerBroker Endpoint Privilege Management Solution that combines best-in-class privilege, password and vulnerability management on top of a centralized reporting and analytics platform. As a result, global organizations of all sizes can efficiently and proactively reduce their privilege attack surface, prevent lateral movement by attackers, and actively detect and respond to in-progress breaches.
PowerBroker for Windows 7.4 is available now.