- The updated and expanded 2nd edition reflects today’s security challenges and provides strategic recommendations on mitigating these risks using the proven Universal Privilege Management approach
- Part of a three-part Attack Vector series, Privileged Attack Vectors focuses on providing in-depth knowledge of the privileged cyber attack chain and how Privileged Access Management (PAM) solutions protect against and detect privileged attacks, including those targeting remote workers
ATLANTA, June 24, 2020 (GLOBE NEWSWIRE) -- BeyondTrust, the worldwide leader in Privileged Access Management (PAM), today announced the much anticipated second edition of Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations. Authored by Morey Haber, BeyondTrust CTO and CISO and published by Apress, this completely revised and expanded second edition reflects the considerable changes in the world of Privilege Access Management (PAM).
“We’re experiencing an expanding universe of privileged accounts practically everywhere, which then increases the attack surface,” says Morey Haber, author and Chief Technology Officer and CISO at BeyondTrust. “When these accounts are unmanaged, privileged credentials present a significant threat from external hackers and insider threats. Solving these complex and widespread threat vectors requires a unified approach that combines privileged password management, endpoint privilege management, and remote access technologies.”
Nearly half of the content has been revised to reflect today’s new security challenges, with 145 additional pages of new information. New chapters include: Zero Trust, Just in Time, Evidence of Compromise, Credential Stuffing, Unstructured Data, Remote Access, Machine Learning, and Cloud-based Deployments.
The book addresses current issues that challenge today’s IT and security professionals, such as the expanding distributed workforce brought on by coronavirus, and other significant issues that have occurred in the last three years. In early 2017, when the first edition was written, cloud migration was well underway, and organizations widely acknowledged the challenges of a dissolving perimeter. Yet, most employees still worked within that perimeter. DevOps was in force, and being implemented almost everywhere, but development teams were still highly skeptical, or dismissive, of DevOps security best practices. There was leniency among security leaders, thinking Privileged Access Management meant just storing passwords in a vault or safe. And blockchain was the hot topic on everyone’s mind. The new edition addresses the rapid changes we’ve experienced in the cybersecurity landscape.
“There is no one solution that will protect against all vectors and stages of an attack,” states Derek Smith, cybersecurity Associate Professor at the University of Maryland, and Virginia University of Science and Technology. “While some new products help protect against or detect a privilege attack, they won’t stop all malicious activity. This book, Privileged Attack Vectors, focuses on solving Privileged Access Management challenges, using a Universal Privilege Management strategy that can be deployed on-premises or in the cloud.”
This second edition covers new attack vectors, includes updated definitions for PAM, new strategies for defense, tested empirical steps for a successful implementation, and new disciplines for least privilege endpoint management and privileged remote access.
The book details the risks associated with inferior privilege management practices, the techniques that threat actors leverage, and the defensive measures organizations should adopt to mitigate modern threats. It includes:
- Detailed descriptions of the attack vectors used in privileged attacks from stolen passwords to exploits used to escalate privileges
- The modern privileged attack chain and how PAM protects against and detects privilege attacks
- Updated use cases and methodology for deploying a successful Universal Privilege Management program
- New and refined privileged attack vectors, use cases, and deployment considerations on premise, in the cloud, or using hybrid environments
- 10 Steps to Universal Privilege Management, including remote access, remote workers, and the evolving distributed workforce
- Practical machine learning implications for PAM
- Updated regulatory compliance initiatives including CCPA and frameworks like MITRE ATT@CK
Privileged Attack Vectors: Building Effective Cyber-Defense Strategies to Protect Organizations is available in paperback and eBook versions through Amazon or Springer.com.
To learn more, register to attend the July 7th webinar, Privileged Attack Vectors, 10 Steps for Universal Privileged Management.
About BeyondTrust
BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering organizations to secure and manage their entire universe of privileges. Our integrated products and platform offer the industry's most advanced PAM solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments.
The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance. We are trusted by 20,000 customers, including 70 percent of the Fortune 500, and a global partner network. Learn more at www.beyondtrust.com.
Follow BeyondTrust:
Twitter: http://twitter.com/beyondtrust
Blog: www.beyondtrust.com/blog
LinkedIn: http://www.linkedin.com/company/beyondtrust
Facebook: http://www.facebook.com/beyondtrust
For BeyondTrust:
Mike Bradshaw
Connect Marketing for BeyondTrust
P: (801) 373-7888
E: mikeb@connectmarketing.com