ES Episode16

From Paul's Security Weekly
Jump to: navigation, search

Episode Audio

Enterprise Security News


  1. Runtime Application Self-Protection Security Market to Grow at a CAGR of 43.94% During the Period 2016-2020
  2. Cloud-Based Access Provider, Duo Security, Unveils New Single Sign-On Offering for SaaS Applications
  3. New AlienVault Research Finds 76% of Security Professionals Believe Sharing Threat Intelligence Is a Moral Responsibility
  4. Qualys Beefs Up Cloud Tool for Security Consultants
  5. Oracle buys cloud security company Palerra
  6. EiQ Leverages the Latest Cloud Technology to Lower TCO and Drive Faster Time to Value
  7. Skybox Security Launches New Platform For Virtual, Cloud Environments
  8. Darktrace Launches Full Cloud Deployments
  9. Report validates VMware NSX capabilities enable zero-trust model

Privileged Identity Management - The Basics

Definition

  • PIM - Privileged identity management (PIM) is the monitoring and protection of superuser accounts in an organization’s IT environments. Includes the following?
    • Privileged access management
    • Privileged user management
    • Privileged account management
    • Privileged identity management
    • Privileged password management
    • Privileged account security
  • IAM - An identity management access (IAM) system is a framework for business processes that facilitates the management of electronic identities. The framework includes the technology needed to support identity management.
  • Funny: In 1976, IBM® set the standard for security products when RACF® was introduced! RACF provides the functions that let you:
    • identify and verify system users
    • identify, classify, and protect system resources
    • authorize the users who need access to the resources you've protected
    • control the means of access to these resources
    • log and report unauthorized attempts at gaining access to the system and to the protected resources
    • administer security to meet your installation's security goals.

Question

  • What problem are we trying to solve?
  • What problems do they actually solve?
  • What should your goals be for this project?
  • Is this technology for everyone?
  • Who are all the players in the market?