The Key Privileged Access and Security Implications of Granting Third-Party Vendor Access

BeyondTrust

Several different remote access solutions are built into Microsoft Windows to extend third-party vendors access to your systems. In this webinar, Windows and IT security expert Russell Smith weighs in on the pros and cons of using virtual private networks (VPNs), Workplace Join, Remote Desktop Services, and Web Application Proxy to provide third-party remote access.
Watch Now

Spotlight

We show you the type of attack, or rather the type of vulnerability, the component, and how many times it occurred. Here, the alert, again, while it shows you things like the resolution and the references, the path that it existed in, the method in which this was invoked, there's some actual cool stuff that we show here on the right hand side. We collect things like the method. In this case, it was a post. The confidence level, the evidence, but we also show you the request and response. Here you can see what the request header was, the request body, the response header, as well as the response body. Now from a developer's perspective, if they wanted to replay this, we provide this really nifty command, or rather curl command. When you click this, you actually get a curl command with the actual post url, as well as all the header parameters that were passed to it to be able to simulate this on your local development environment. This makes it very easy for the developer to be able to see what's going on.

OTHER ON-DEMAND WEBINARS

A Modern & Secure Approach for Cyber Security Operation Centers

With 17,000 new cyber security threats discovered every week, finding a solution that improves flexibility, workflows, and the consolidation of data — while maintaining highly efficient monitoring and management capabilities is a must. This roundtable webinar brings Subject Matter Experts from Userful and Swimlane. The panel will discuss the importance of flexible solutions for Cyber Security Operations Centers, improvements for how your SOC manages and monitors critical security applications, and will recommend ways to improve the exchange of real-time data and collaboration between operators.
Watch Now

Intelligent API Cybersecurity, Is Your Agency Protected?

Carahsoft

As government agencies move towards digital transformation, Cyber threats are getting smarter, using social engineering, brute force methods, and even artificial intelligence (AI) to bypass common defenses to gain access to these critical systems and data. To help protect Federal Agencies against an ever-diversifying landscape of cybersecurity threats, Axway and Ping Identity have formed a global partnership to deliver a comprehensive Application program Interface (API) security solution that optimizes security at all levels, from network to application.
Watch Now

Identity Security on the Rails: Simple Solutions to Disrupt Identity-Based Attacks

In today’s distributed work environment, Identity is the new perimeter, so it should come as no surprise that attackers consider identities both on-premises and in the cloud as High-Value Targets. With a valid identity, attackers can move laterally, escalate privileges, identify critical servers, and execute damaging attacks. Fortunately, Identity Security addresses identity risks and detects identity-based attacks.
Watch Now

Solving New Authentication Challenges While Finding Parity Between User Experience and Security

KuppingerCole

Unfortunately, most businesses are making the fundamental mistake when it comes to authentication and are thinking inside-out, but by thinking outside-in, they would automatically put the Customer first. Until now, strong (and not so strong) authentication to services seems to have been driven by an inside-out way of thinking. The institutions think about what works best for them: what fits into their infrastructure; what is the cheapest yet compliant approach? For customers, this means that they must use what their service provider offers to them. Companies must also be aware of insider risks and by implementing a Zero Trust approach of ‘never trust, always verify’, they can better secure the access to their assets. In this KuppingerCole webinar, we will address the following.
Watch Now

Spotlight

We show you the type of attack, or rather the type of vulnerability, the component, and how many times it occurred. Here, the alert, again, while it shows you things like the resolution and the references, the path that it existed in, the method in which this was invoked, there's some actual cool stuff that we show here on the right hand side. We collect things like the method. In this case, it was a post. The confidence level, the evidence, but we also show you the request and response. Here you can see what the request header was, the request body, the response header, as well as the response body. Now from a developer's perspective, if they wanted to replay this, we provide this really nifty command, or rather curl command. When you click this, you actually get a curl command with the actual post url, as well as all the header parameters that were passed to it to be able to simulate this on your local development environment. This makes it very easy for the developer to be able to see what's going on.

resources