The 5 crazy mistakes administrators make with IoT system credentials
Rob Black, CISSP
Managing Principal
Fractional CISO
RBlack@FractionalCISO.com
@IoTSecurityGuy
October 25, 2016
1. Hardcoded credentials
2. Default passwords
3. Internet accessible
4. Inability to update
What went wrong?
Default Passwords & Internet Exposure – Recipe for disaster
Source: Understanding the Mirai Botnet, Antonakakis et al.
Source: US Department of Justice Press Release
“Password Spraying”
Source: Iranian Hacker Indictment
Five Crazy Mistakes
01 Default / Common Passwords
02
03
04
05
Five Crazy Mistakes
01 Default / Common Passwords
02 Non-Diversified Keys
03
04
05
IoT Architecture
(diagram) Sensor -> Device -> Gateway -> Data Center/Cloud
Every Device Needs a Key
(diagram) Sensor -> Device -> Gateway -> Data Center/Cloud
IoT Market Examples

Market               Device Operator               Cloud Operator
Automotive           Car owner / fleet owner       Car manufacturer
Building Automation  Building management           Camera / HVAC / Lighting / Security system manufacturer
Financial            Bank                          ATM manufacturer
Home Automation      Homeowner                     Camera / Smart speaker / Garage door / Doorbell / Lightbulb manufacturer
Medical Devices      Hospital                      Medical Device manufacturer
Smart City           Municipality                  Parking meters / Street lights / Camera manufacturer
Smart Energy         Homeowner / Business owner    Electric utility
Bootstrapping Trust in the Device
• Every device MUST have a diversified key from every other device (private key, shared secret, or inferred key)
• Need scripted process to be able to execute at IoT scale (time of manufacturing or provisioning)
Bootstrapping Trust in the Device
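The two bullets above (a diversified key per device, produced by a scripted step at manufacturing or provisioning time) as an added worked example in Python. This is not code from the deck or from Fractional CISO/BeyondTrust; it assumes a provisioning master key held in an HSM or offline system, a unique serial number per unit, and HKDF-SHA256 (RFC 5869) as the derivation function. All names and sample values are constructed. The point it shows: every device gets a different key, the master never leaves the provisioning system, and knowing one device's key gives no way to compute a sibling's.

```python
"""Per-device key diversification at provisioning time (added example).

Assumptions (not from the slide deck): a provisioning master key kept in an HSM,
one unique serial per unit, HKDF-SHA256 (RFC 5869) as the KDF, and a per-batch
salt stored with the batch record.  Device identifiers and keys are constructed.
"""
import hashlib
import hmac
import secrets


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF with SHA-256: extract a PRK from the master, then expand per context."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()            # extract
    okm, block, counter = b"", b"", 1
    while len(okm) < length:                                      # expand: T(i) = HMAC(PRK, T(i-1) | info | i)
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_device_key(master_key: bytes, device_serial: str, batch_salt: bytes) -> bytes:
    """Diversified key for one device: bound to its serial, not recoverable from any other device's key."""
    info = b"iot-device-auth-key-v1|" + device_serial.encode("utf-8")   # purpose label + serial
    return hkdf_sha256(master_key, batch_salt, info, 32)


def provision_batch(master_key: bytes, serials, batch_salt: bytes) -> dict:
    """Scripted provisioning step for a manufacturing batch: returns {serial: key}."""
    keys = {}
    for serial in serials:
        if serial in keys:
            # A duplicated serial would hand two units the same key; refuse rather than continue.
            raise ValueError(f"duplicate serial in batch: {serial}")
        keys[serial] = derive_device_key(master_key, serial, batch_salt)
    return keys


def all_keys_distinct(keys: dict) -> bool:
    """Sanity check a provisioning line should run before shipping a batch."""
    return len(set(keys.values())) == len(keys)


if __name__ == "__main__":
    master = secrets.token_bytes(32)        # constructed stand-in for the HSM-held master
    salt = secrets.token_bytes(16)          # constructed per-batch salt
    batch = provision_batch(master, ["SN-0001", "SN-0002", "SN-0003"], salt)
    print("distinct:", all_keys_distinct(batch))
    for serial, key in batch.items():
        print(serial, key.hex()[:16] + "...")   # only the device's own key is written to it
```

Each device receives only its own derived key; the master key and the batch salt stay in the provisioning system, so compromising one gateway or sensor yields one key, not the fleet's. The HKDF routine is checked against the RFC 5869 test vector so the derivation can be trusted before it is wired into a factory script.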
• Network key – secures broadcast communication. It is a shared secret between every node for network communication.
• Zigbee is based on all elements of the solution trusting each other
• Most Home Automation devices operate in the least secure mode
Zigbee – Smart Home / Home Automation
You have a great password: i_hv*A-gr8-p$$w0rD
But you use the same password everywhere:
What happens when one of them is hacked?
All are compromised!
Five Crazy Mistakes
01 Default / Common Passwords
02 Non-Diversified Keys
03 Unaccounted for Credentials
04
05
Why IoT Security is Different

Scale                  Many unmanned devices
Operating Environment  Crosses organizational boundaries
Technology Variance    Many small devices / different operating systems / mixed technology
Consequences           Things that go boom
Device Credential Sources

(diagram)      Local                          Remote
Users          Local User, Local Admin        Remote User, Remote Admin
Applications   Database, Local Application    Cloud Application, Third-Party Vendor
Unaccounted for Credentials
• Many credentials
• Owned by different organizations
• Do you have them mapped out?
• Do you have strong keys / passwords for all of those credentials?
• Are you rotating the keys / passwords appropriately?
Five Crazy Mistakes
01 Default / Common Passwords
02 Non-Diversified Keys
03 Unaccounted for Credentials
04 Non-Expiring / Long Expiring Credentials
05
Common Credential Expiration

Credential type                  Length
Typical Corporate Password       90 days
Newly issued SSL Certificates    2 years
Typical Credit Card              2-4 years
Massachusetts Driver’s License   5 years
US Passport                      10 years
AWS IoT x.509 certificate        30+ years!
• More convenient to leave non/long-expiring credentials
• IoT credential expiration can be difficult to manage
• Unmanned devices
• Many could expire at the same time
• Requires a deliberate plan for managing credentials
Credential Expiration
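The questions on the "Unaccounted for Credentials" slide (are they mapped out, owned, rotated?) and the expiration slides above (non-expiring credentials, many expiring at once, the need for a deliberate plan) as one added worked example in Python. It is not code from the deck or from Fractional CISO/BeyondTrust. It assumes a credential register like the constructed INVENTORY below, an illustrative per-type maximum lifetime policy (these numbers are not the slide's table), and defines a "cluster" as more than MAX_PER_WINDOW credentials expiring inside one WINDOW_DAYS window.

```python
"""Credential inventory audit: ownership, lifetime policy, expiry clustering (added example).

Assumptions: INVENTORY is a constructed sample register; MAX_LIFETIME_DAYS is an
illustrative policy, not the lifetimes quoted on the slide; dates cross the API
as ISO strings so the audit can be driven from a CLI or a test.
"""
from collections import defaultdict
from datetime import date, timedelta

MAX_LIFETIME_DAYS = {"password": 90, "api_key": 180, "device_cert": 365, "tls_cert": 730}
MAX_PER_WINDOW = 3      # more than this many expiring in one window is a cluster
WINDOW_DAYS = 7

INVENTORY = [  # constructed sample: what exists, who owns it, when it was issued, when it dies
    {"id": "gw-admin-pw", "type": "password", "owner": "ops",
     "issued": date(2016, 1, 1), "expires": date(2016, 3, 31)},
    {"id": "cloud-api", "type": "api_key", "owner": None,          # nobody owns it, never expires
     "issued": date(2015, 6, 1), "expires": None},
    {"id": "vendor-tls", "type": "tls_cert", "owner": "vendor-x",
     "issued": date(2015, 1, 1), "expires": date(2016, 12, 31)},
    {"id": "meter-0006", "type": "device_cert", "owner": "utility",  # the 30-year certificate case
     "issued": date(2016, 2, 1), "expires": date(2046, 2, 1)},
] + [
    {"id": f"meter-{n:04d}", "type": "device_cert", "owner": "utility",  # a batch that dies together
     "issued": date(2016, 3, 1), "expires": date(2017, 3, 1)}
    for n in range(1, 6)
]


def expiry_clusters(inventory):
    """Groups of credentials that all expire inside one window: the 'many could expire at once' risk."""
    buckets = defaultdict(list)
    for rec in inventory:
        if rec["expires"] is not None:
            buckets[rec["expires"].toordinal() // WINDOW_DAYS].append(rec["id"])
    return {date.fromordinal(k * WINDOW_DAYS).isoformat(): sorted(ids)
            for k, ids in buckets.items() if len(ids) > MAX_PER_WINDOW}


def audit(inventory, today_iso):
    """Answer the slide's questions mechanically for every record in the register."""
    today = date.fromisoformat(today_iso)
    findings = {"no_owner": [], "non_expiring": [], "over_policy": [], "expired": []}
    for rec in inventory:
        if not rec["owner"]:
            findings["no_owner"].append(rec["id"])
        if rec["expires"] is None:
            findings["non_expiring"].append(rec["id"])
            continue
        lifetime = (rec["expires"] - rec["issued"]).days
        if lifetime > MAX_LIFETIME_DAYS[rec["type"]]:
            findings["over_policy"].append(rec["id"])
        if rec["expires"] < today:
            findings["expired"].append(rec["id"])
    findings["clusters"] = expiry_clusters(inventory)
    return findings


def stagger_renewals(ids, start_iso, per_day):
    """The deliberate plan: spread a cluster's renewals over days so it is not re-created."""
    start = date.fromisoformat(start_iso)
    return {cid: (start + timedelta(days=i // per_day)).isoformat()
            for i, cid in enumerate(sorted(ids))}


if __name__ == "__main__":
    report = audit(INVENTORY, "2016-10-25")
    for key, value in report.items():
        print(f"{key}: {value}")
    for window, ids in report["clusters"].items():
        print("renewal plan for window", window, stagger_renewals(ids, "2017-01-15", 2))
```

Run against the constructed register this flags the unowned, never-expiring API key, the 30-year device certificate as over policy, the expired gateway password, and the five meters that all expire in the same week, then emits a renewal schedule that renews two per day instead of all five at once.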
Five Crazy Mistakes
01 Default / Common Passwords
02 Non-Diversified Keys
03 Unaccounted for Credentials
04 Non-Expiring / Long Expiring Credentials
05 Not Turning Off Former Employee Access
Smart Water Meters
(diagram) Smart Meter -> Base Station -> Data Center
Smart Water Meters
(diagram) Smart Meter -> Base Station -> Data Center, with three X marks over the diagram
1. Disable ex-employee accounts
2. Change system passwords upon administrative employee’s departure
3. Audit authorized VPN users
4. Use Privileged Access Management (PAM)
What should you do to minimize damage
from ex-employees?
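The four steps above as an added worked example in Python, not code from the deck or from Fractional CISO/BeyondTrust. All inputs are constructed stand-ins: an HR feed of departure dates, a directory export, a register of shared system passwords with who was told them and when they were last rotated (which is what a PAM vault, step 4, would hold and rotate), and the VPN user list beside the approved one.

```python
"""Ex-employee access check (added example).

Assumptions: every input is a constructed sample.  The three checks implement
steps 1-3 of the slide; the shared-password register is the PAM data of step 4.
"""
from datetime import date

DEPARTED = {"jsmith": date(2016, 9, 30), "akumar": date(2016, 10, 14)}     # HR feed: user -> last day
ACCOUNTS = [                                                                # directory export
    {"user": "jsmith", "enabled": True},
    {"user": "akumar", "enabled": False},
    {"user": "mlee", "enabled": True},
]
SYSTEM_PASSWORDS = [                                                        # shared credentials register
    {"system": "base-station-admin", "known_to": {"jsmith", "mlee"}, "last_rotated": date(2016, 8, 1)},
    {"system": "datacenter-db-root", "known_to": {"akumar"}, "last_rotated": date(2016, 10, 20)},
    {"system": "meter-head-end", "known_to": {"mlee"}, "last_rotated": date(2016, 1, 1)},
]
VPN_USERS = ["jsmith", "mlee", "svc-meter-collector", "contractor7"]        # VPN concentrator export
AUTHORIZED_VPN = {"mlee", "svc-meter-collector"}                            # approved VPN list


def accounts_to_disable(departed, accounts):
    """Step 1: departed users whose directory account is still enabled."""
    return [a["user"] for a in accounts if a["user"] in departed and a["enabled"]]


def systems_to_rotate(departed, system_passwords):
    """Step 2: shared passwords a departed person knew that were not rotated after their last day."""
    rotate = []
    for sp in system_passwords:
        stale = any(user in sp["known_to"] and sp["last_rotated"] <= last_day
                    for user, last_day in departed.items())
        if stale:
            rotate.append(sp["system"])
    return rotate


def vpn_users_to_review(departed, vpn_users, authorized):
    """Step 3: VPN users who have left or were never on the approved list."""
    return [u for u in vpn_users if u in departed or u not in authorized]


def offboarding_report(departed, accounts, system_passwords, vpn_users, authorized):
    """Everything an administrator has to act on after the HR feed arrives."""
    return {
        "disable": accounts_to_disable(departed, accounts),
        "rotate": systems_to_rotate(departed, system_passwords),
        "vpn_review": vpn_users_to_review(departed, vpn_users, authorized),
    }


if __name__ == "__main__":
    for action, items in offboarding_report(
            DEPARTED, ACCOUNTS, SYSTEM_PASSWORDS, VPN_USERS, AUTHORIZED_VPN).items():
        print(f"{action}: {items}")
```

On the constructed data the report asks for jsmith's still-enabled account to be disabled, the base-station admin password (known to jsmith, last rotated before departure) to be changed, and two VPN users to be reviewed; the database root password is left alone because it was already rotated after akumar left. Run on a schedule, this is the check that catches the ex-employee path drawn with X marks on the smart-meter slides.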
Five Crazy Mistakes
01 Default / Common Passwords
02 Non-Diversified Keys
03 Unaccounted for Credentials
04 Non-Expiring / Long Expiring Credentials
05 Not Turning Off Former Employee Access
Read the white paper!
https://www.beyondtrust.com/resources/white-paper/iiot-security-managing-identities-privileges/
For help putting an IoT cybersecurity plan in place, please contact us:
Rob Black, CISSP
Fractional CISO
+1 617.658.3276
RBlack@FractionalCISO.com
@IoTSecurityGuy
Next Steps
BeyondTrust
IoT & PAM
Rod Simmons – Product Manager
The Cyber Attack Chain – Where is the Risk?
Vulnerable Assets & Users
Unmanaged Credentials
Excessive Privileges
Limited Visibility
88% of compromises used definable patterns established as early as 2014.[1]
80% of data breaches involve the use or abuse of privileged credentials on the endpoint.[2]
206 average days to detect a data breach.[3]
[1] Verizon 2017 Data Breach Investigations Report
[2] Forrester Wave: Privileged Identity Management, Q3 2016
[3] Ponemon 2017 Cost of a Data Breach Study
The Cyber Attack Chain – Getting More Complex
Virtual & Cloud
IoT
DevOps
Connected Systems
3X growth of hybrid cloud adoption in the last year, increasing from 19% to 57% of organizations surveyed.[1]
20.4 billion connected things will be in use worldwide by 2020, according to Gartner.[2]
50% of organizations implementing DevOps – it has reached “Escape Velocity.”[3]
[1] Forbes 2017 State of Cloud Adoption & Security
[2] Gartner Press Release, Gartner Says 8.4 Billion Connected “Things” Will Be in Use in 2017, Up 31% From 2016, Feb 7, 2017
[3] Forrester Q1 2017 Global DevOps Benchmark Online Survey
Our Mission: Stop Privilege Abuse. Prevent Breaches.
• Reduce attack surfaces by eliminating credential sharing, enforcing least privilege, and prioritizing and patching system vulnerabilities
• Monitor and audit sessions for unauthorized access, changes to files and directories, and compliance
• Analyze behavior to detect suspicious user, account and asset activity
The New Perimeter
(diagram) Who has access: Internal Employees, Client-Server, Partners & Contractors, WWW, Mobile, Cloud & IoT, Remote Employees, DevOps / A2A / A2DB
Evolving Infrastructure
Expanding Accounts
More people, processes and technology have access to your systems and data than ever before.
Mainstream adoption: DevOps 60%, Cloud 15%, IoT 56%
Privilege Management – The New Perimeter

Cloud         Cloud Management Platforms (AWS, Azure); SaaS Applications (Facebook, LinkedIn, Custom)
Hybrid Cloud  Virtualized Environments (VMWare, MSFT); Virtualized Machines (UNIX, Linux, Windows)
IoT           Roaming workstations; BYOD; Cameras; Sensors; Printers
DevOps        DevOps Tools; Dynamic Virtual Environments; Containers; Microservices
On-Premise    Shared Administrator & Machine Accounts; Desktops and Servers (Windows, Mac, Unix, Linux); Security & Network Infrastructures & Industrial Control Systems; Apps, Databases & Servers; Hypervisors & Virtual Machine
Reduce Insider Threats
• Discover, manage & monitor all privileged accounts & keys
• Enforce least privilege across all Windows, Mac, Unix, Linux and network endpoints
• Gain control and visibility over privileged activities
Stop External Hacking
• Discover network, web, mobile, cloud and virtual infrastructure
• Remediate vulnerabilities through prescriptive reporting
• Protect endpoints against client-side attacks
Reveal Hidden Threats
• Aggregate users & asset data to baseline and track behavior
• Correlate diverse asset, user & threat activity to reveal critical risks
• Dynamically adjust access policies based on user and asset risk
IoT & PAM: Best Practices
• DISCOVER & INVENTORY
• GAIN ACCOUNTABILITY OVER SHARED ACCOUNTS
• ELIMINATE HARD-CODED PASSWORDS
• RESTRICT PRIVILEGES
• SCAN FOR VULNERABILITIES
• ENSURE CONFIGURATION COMPLIANCE
• ENFORCE APPROPRIATE CREDENTIAL USAGE
• SEGMENT NETWORKS
DISCOVER & INVENTORY
Continuous discovery of IoT assets across physical, virtual and cloud environments.
SCAN FOR VULNERABILITIES
Continuous vulnerability assessment and remediation guidance of the IoT infrastructure and across adjacent physical, virtual and cloud environments.
ENSURE CONFIGURATION COMPLIANCE
Continuous configuration and hardening baseline scanning across physical, virtual and cloud deployed assets.
Ensure configurations are consistent and properly hardened.
GAIN ACCOUNTABILITY OVER SHARED ACCOUNTS
Control and audit access to shared accounts and ensure that all audited activity is associated with a unique identity.
Ensure that all passwords are properly managed and rotated across the IoT environment.
ELIMINATE HARD-CODED PASSWORDS
Control scripts, files, code, embedded IoT passwords.
Eliminate hard-coded credentials and replace with dynamic API/CLI calls.
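An added worked example for this practice in Python, not code from the deck or from BeyondTrust: a scanner that finds credentials embedded in scripts and config files, distinguishes them from dynamic references (environment variables, vault URIs, placeholders), and the hardened pattern of reading the secret at run time instead. The sample files, the keyword patterns and the entropy threshold are all constructed for illustration; the run-time fetch assumes a vault or PAM agent has populated the environment variable, and that agent is out of scope here.

```python
"""Hard-coded credential scanner and the hardened alternative (added example).

Assumptions: SAMPLE_FILES are constructed inputs; KEY_PATTERN, PLACEHOLDERS and
WEAK_ENTROPY are illustrative; load_secret() expects a vault/PAM agent to have
exported the secret into the process environment before start-up.
"""
import math
import os
import re
from collections import Counter

# key-ish name, then ':' or '=', then a value of 4+ chars (optional quotes)
KEY_PATTERN = re.compile(
    r"(?P<key>[\w-]*(?:password|passwd|pwd|secret|api[_-]?key|token|private[_-]?key)[\w-]*)"
    r"\s*[:=]\s*['\"]?(?P<value>[^'\"\s#,;]{4,})",
    re.IGNORECASE,
)
# Values that are references or placeholders, not secrets: these are what we want to see.
PLACEHOLDERS = ("os.environ", "env(", "vault://", "changeme", "<redacted>", "xxxx")
WEAK_ENTROPY = 3.5   # bits/char; below this the value is probably a default or dictionary word

SAMPLE_FILES = {  # constructed
    "provision.sh": "#!/bin/sh\nGW_PASSWORD=admin1234\ncurl -u admin:$GW_PASSWORD http://gateway/api\n",
    "config.yaml": ("broker:\n  host: mqtt.internal\n  mqtt_password: S3cr3t-Br0ker-K3y-2016\n"
                    "cloud:\n  api_key: vault://kv/iot/cloud-api\n  token: ${VAULT_TOKEN}\n"),
    "hardened.py": "import os\npassword = os.environ['GATEWAY_PASSWORD']\n",
}


def shannon_entropy(value: str) -> float:
    """Bits per character; low values suggest a default/common password rather than a generated one."""
    counts = Counter(value)
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def is_dynamic_reference(value: str) -> bool:
    """True for env lookups, vault URIs, shell/template variables and obvious placeholders."""
    lowered = value.lower()
    return value.startswith("$") or any(p in lowered for p in PLACEHOLDERS)


def scan_text(name: str, text: str) -> list:
    """Return one finding per embedded literal credential in one file's contents."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for m in KEY_PATTERN.finditer(line):
            value = m.group("value")
            if is_dynamic_reference(value):
                continue
            entropy = round(shannon_entropy(value), 2)
            findings.append({"file": name, "line": lineno, "key": m.group("key"),
                             "entropy": entropy, "weak": entropy < WEAK_ENTROPY})
    return findings


def scan_all(files: dict) -> list:
    return [f for name, text in files.items() for f in scan_text(name, text)]


def load_secret(name: str) -> str:
    """Hardened form: the secret is injected at run time, never written into the file."""
    value = os.environ.get(name)
    if not value:
        raise RuntimeError(f"{name} was not provided by the secrets manager")
    return value


if __name__ == "__main__":
    for f in scan_all(SAMPLE_FILES):
        flag = " (weak/default-looking)" if f["weak"] else ""
        print(f"{f['file']}:{f['line']} {f['key']} entropy={f['entropy']}{flag}")
```

The scanner reports the two literal secrets (the gateway password in the shell script, flagged as weak, and the broker password in the YAML) and stays quiet on the vault reference, the shell variable and the environment lookup, which is the shape the "dynamic API/CLI calls" replacement should take. The value itself is deliberately not printed, so the report can be shared without re-leaking what it found.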
ENFORCE APPROPRIATE CREDENTIAL USAGE
Eliminate administrator privileges on end-user machines.
Securely store privileged IoT credentials.
Require a simple workflow process for check-out, and monitor privileged sessions.
SEGMENT NETWORKS
Group IoT assets into logical units to reduce “line of sight” access.
Utilize a secured jump server with MFA, adaptive access and session monitoring.
Segment access based on context of the user, role, IoT device and data being requested.
RESTRICT PRIVILEGES
Enforce least privilege across physical, virtual and cloud deployed assets.
BeyondTrust Secures IoT
POWERBROKER – Single Platform that Unites IoT Security
(diagram: each of the eight best practices above is labelled with one of these products)
• Retina Vulnerability Management
• PowerBroker Password Safe
• PowerBroker Desktop & Server Privilege Management
Why BeyondTrust? The PAM Industry Leader
Leader: Forrester PIM Wave, 2016
Leader: Gartner Market Guide for PAM, 2017
DEMO
Poll + Q&A
Thank you for attending!

Weitere ähnliche Inhalte

Was ist angesagt?

Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and Compliance
Qualys
 

Was ist angesagt? (20)

Improve Security Visibility with AlienVault USM Correlation Directives
Improve Security Visibility with AlienVault USM Correlation DirectivesImprove Security Visibility with AlienVault USM Correlation Directives
Improve Security Visibility with AlienVault USM Correlation Directives
 
Beginner's Guide to SIEM
Beginner's Guide to SIEM Beginner's Guide to SIEM
Beginner's Guide to SIEM
 
Open Source IDS Tools: A Beginner's Guide
Open Source IDS Tools: A Beginner's GuideOpen Source IDS Tools: A Beginner's Guide
Open Source IDS Tools: A Beginner's Guide
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentation
 
Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks  - Ed Adams, President, Security InnovationWfh security risks  - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security Innovation
 
"EL ATAQUE INTERNO"
"EL ATAQUE INTERNO""EL ATAQUE INTERNO"
"EL ATAQUE INTERNO"
 
Improve Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USMImprove Threat Detection with OSSEC and AlienVault USM
Improve Threat Detection with OSSEC and AlienVault USM
 
Simplify PCI DSS Compliance with AlienVault USM
Simplify PCI DSS Compliance with AlienVault USMSimplify PCI DSS Compliance with AlienVault USM
Simplify PCI DSS Compliance with AlienVault USM
 
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for QualysQualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
 
Observe It Presentation
Observe It PresentationObserve It Presentation
Observe It Presentation
 
Overview of Google’s BeyondCorp Approach to Security
 Overview of Google’s BeyondCorp Approach to Security Overview of Google’s BeyondCorp Approach to Security
Overview of Google’s BeyondCorp Approach to Security
 
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...
 
IDS for Security Analysts: How to Get Actionable Insights from your IDS
IDS for Security Analysts: How to Get Actionable Insights from your IDSIDS for Security Analysts: How to Get Actionable Insights from your IDS
IDS for Security Analysts: How to Get Actionable Insights from your IDS
 
Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021Lets talk about soc2s, baby! BSidesLV 2021
Lets talk about soc2s, baby! BSidesLV 2021
 
Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...
Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...
Webcast Series #1: Continuous Security and Compliance Monitoring for Global I...
 
IBM QRadar BB & Rules
IBM QRadar BB & RulesIBM QRadar BB & Rules
IBM QRadar BB & Rules
 
Creating Correlation Rules in AlienVault
Creating Correlation Rules in AlienVaultCreating Correlation Rules in AlienVault
Creating Correlation Rules in AlienVault
 
Automating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and ComplianceAutomating Critical Security Controls for Threat Remediation and Compliance
Automating Critical Security Controls for Threat Remediation and Compliance
 
SIEM
SIEMSIEM
SIEM
 
QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk
 

Ähnlich wie The 5 Crazy Mistakes IoT Administrators Make with System Credentials

Cloud Security Primer - F5 Networks
Cloud Security Primer - F5 NetworksCloud Security Primer - F5 Networks
Cloud Security Primer - F5 Networks
Harry Gunns
 
Cloud computing present
Cloud computing presentCloud computing present
Cloud computing present
James Sutter
 

Ähnlich wie The 5 Crazy Mistakes IoT Administrators Make with System Credentials (20)

Cybersecurity Slides
Cybersecurity  SlidesCybersecurity  Slides
Cybersecurity Slides
 
Cloud Security Primer - F5 Networks
Cloud Security Primer - F5 NetworksCloud Security Primer - F5 Networks
Cloud Security Primer - F5 Networks
 
Cybersecurity update 12
Cybersecurity update 12Cybersecurity update 12
Cybersecurity update 12
 
CyberSecurity Update Slides
CyberSecurity Update SlidesCyberSecurity Update Slides
CyberSecurity Update Slides
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Management
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
Cloud computing present
Cloud computing presentCloud computing present
Cloud computing present
 
Smart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud WorldSmart Identity for the Hybrid Multicloud World
Smart Identity for the Hybrid Multicloud World
 
IAM for mobile and BYOD
IAM for mobile and BYODIAM for mobile and BYOD
IAM for mobile and BYOD
 
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
Eyes Wide Shut: Cybersecurity Smoke & Mirrors...
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted SubjectsHow to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
 
Top five configuration security errors and how to avoid them - DEM09-S - Chic...
Top five configuration security errors and how to avoid them - DEM09-S - Chic...Top five configuration security errors and how to avoid them - DEM09-S - Chic...
Top five configuration security errors and how to avoid them - DEM09-S - Chic...
 
Catalyst 2015: Patrick Harding
Catalyst 2015: Patrick HardingCatalyst 2015: Patrick Harding
Catalyst 2015: Patrick Harding
 
Security and-visibility
Security and-visibilitySecurity and-visibility
Security and-visibility
 
Top 5 security errors and how to avoid them - DEM06-S - Mexico City AWS Summit
Top 5 security errors and how to avoid them - DEM06-S - Mexico City AWS SummitTop 5 security errors and how to avoid them - DEM06-S - Mexico City AWS Summit
Top 5 security errors and how to avoid them - DEM06-S - Mexico City AWS Summit
 
Emerging application and data protection for multi cloud
Emerging application and data protection for multi cloudEmerging application and data protection for multi cloud
Emerging application and data protection for multi cloud
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
 
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @TowsonImportance of Identity Management in Security - Microsoft Tech Tour @Towson
Importance of Identity Management in Security - Microsoft Tech Tour @Towson
 
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019 Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
Guarding the guardian’s guard: IBM Trusteer - SEP326 - AWS re:Inforce 2019
 

Mehr von BeyondTrust

Mehr von BeyondTrust (20)

10 Steps to Better Windows Privileged Access Management
10 Steps to Better Windows Privileged Access Management10 Steps to Better Windows Privileged Access Management
10 Steps to Better Windows Privileged Access Management
 
5 Steps to Privilege Readiness (infographic)
5 Steps to Privilege Readiness (infographic)5 Steps to Privilege Readiness (infographic)
5 Steps to Privilege Readiness (infographic)
 
8-step Guide to Administering Windows without Domain Admin Privileges
8-step Guide to Administering Windows without Domain Admin Privileges8-step Guide to Administering Windows without Domain Admin Privileges
8-step Guide to Administering Windows without Domain Admin Privileges
 
Securing DevOps through Privileged Access Management
Securing DevOps through Privileged Access ManagementSecuring DevOps through Privileged Access Management
Securing DevOps through Privileged Access Management
 
Active Directory Auditing Tools: Building Blocks or just a Handful of Dust?
Active Directory Auditing Tools: Building Blocks or just a Handful of Dust?Active Directory Auditing Tools: Building Blocks or just a Handful of Dust?
Active Directory Auditing Tools: Building Blocks or just a Handful of Dust?
 
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing WindowsAvoiding the 10 Deadliest and Most Common Sins for Securing Windows
Avoiding the 10 Deadliest and Most Common Sins for Securing Windows
 
Unix / Linux Privilege Management: What a Financial Services CISO Cares About
Unix / Linux Privilege Management: What a Financial Services CISO Cares AboutUnix / Linux Privilege Management: What a Financial Services CISO Cares About
Unix / Linux Privilege Management: What a Financial Services CISO Cares About
 
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
Why Federal Systems are Immune from Ransomware...& other Grim Fairy Tales)
 
Mitigating Risk in Aging Federal IT Systems
Mitigating Risk in Aging Federal IT SystemsMitigating Risk in Aging Federal IT Systems
Mitigating Risk in Aging Federal IT Systems
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
 
Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...Hacker techniques for bypassing existing antivirus solutions & how to build a...
Hacker techniques for bypassing existing antivirus solutions & how to build a...
 
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged AccountsHow Federal Agencies Can Build a Layered Defense for Privileged Accounts
How Federal Agencies Can Build a Layered Defense for Privileged Accounts
 
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation AttacksUsing Advanced Threat Analytics to Prevent Privilege Escalation Attacks
Using Advanced Threat Analytics to Prevent Privilege Escalation Attacks
 
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
Eyes Wide Shut: What Do Your Passwords Do When No One is Watching?
 
Prevent Data Leakage Using Windows Information Protection (WIP)
Prevent Data Leakage Using Windows Information Protection (WIP)Prevent Data Leakage Using Windows Information Protection (WIP)
Prevent Data Leakage Using Windows Information Protection (WIP)
 
Enemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling AccessEnemy from Within: Managing and Controlling Access
Enemy from Within: Managing and Controlling Access
 
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy Defense in Depth: Implementing a Layered Privileged Password Security Strategy
Defense in Depth: Implementing a Layered Privileged Password Security Strategy
 
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
 
Managing Unix Accounts in Today's Complex World: Stop the Shadow IT and Be Mo...
Managing Unix Accounts in Today's Complex World: Stop the Shadow IT and Be Mo...Managing Unix Accounts in Today's Complex World: Stop the Shadow IT and Be Mo...
Managing Unix Accounts in Today's Complex World: Stop the Shadow IT and Be Mo...
 
The Hacker Playbook: How to Think Like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think Like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think Like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think Like a Cybercriminal to Reduce Risk
 

Kürzlich hochgeladen

CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
VishalKumarJha10
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
mohitmore19
 

Kürzlich hochgeladen (20)

The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf

The 5 Crazy Mistakes IoT Administrators Make with System Credentials

  • 1. The 5 crazy mistakes administrators make with IoT system credentials. Rob Black, CISSP, Managing Principal, Fractional CISO. RBlack@FractionalCISO.com, @IoTSecurityGuy
  • 4. What went wrong? 1. Hardcoded credentials 2. Default passwords 3. Internet accessible 4. Inability to update
  • 5. Default Passwords & Internet Exposure – Recipe for disaster. Source: Understanding the Mirai Botnet, Antonakakis et al.
  • 6. Source: US Department of Justice Press Release
  • 9. Five Crazy Mistakes 01 Default / Common Passwords 02 03 04 05
  • 10. Five Crazy Mistakes 01 Default / Common Passwords 02 Non-Diversified Keys 03 04 05
  • 11. IoT Architecture Sensor Device Gateway Data Center/Cloud
  • 12. Every Device Needs a Key Sensor Device Gateway Data Center/Cloud
  • 13. IoT Market Examples (Market: Device Operator / Cloud Operator). Automotive: Car owner or fleet owner / Car manufacturer; Building Automation: Building management / Camera, HVAC, Lighting or Security system manufacturer; Financial: Bank / ATM manufacturer; Home Automation: Homeowner / Camera, Smart speaker, Garage door, Doorbell or Lightbulb manufacturer; Medical Devices: Hospital / Medical device manufacturer; Smart City: Municipality / Parking meter, Street light or Camera manufacturer; Smart Energy: Homeowner or Business owner / Electric utility
  • 15. Bootstrapping Trust in the Device • Every device MUST have a diversified key from every other device (private key, shared secret, or inferred key) • Need a scripted process to be able to execute at IoT scale (time of manufacturing or provisioning)
  • 16. Zigbee – Smart Home / Home Automation • Network key – secures broadcast communication. It is a shared secret between every node for network communication. • Zigbee is based on all elements of the solution trusting each other • Most Home Automation devices operate in the least secure mode
  • 18. You have a great password: i_hv*A-gr8-p$$w0rD. But you use the same password everywhere. What happens when one of them is hacked? All are compromised!
  • 19. Five Crazy Mistakes 01 Default / Common Passwords 02 Non-Diversified Keys 03 Unaccounted for Credentials 04 05
  • 20. Why IoT Security is Different. Scale: many unmanned devices; Operating Environment: crosses organizational boundaries; Technology Variance: many small devices / different operating systems / mixed technology; Consequences: things that go boom
  • 21. Device Credential Sources (Users vs. Applications, Local vs. Remote). Local users: Local User, Local Admin; Local applications: Database, Local Application; Remote applications: Cloud Application, Third-Party Vendor; Remote users: Remote User, Remote Admin
  • 22. Unaccounted for Credentials • Many credentials • Owned by different organizations • Do you have them mapped out? • Do you have strong keys / passwords for all of those credentials? • Are you rotating the keys / passwords appropriately?
  • 23. Five Crazy Mistakes 01 Default / Common Passwords 02 Non-Diversified Keys 03 Unaccounted for Credentials 04 Non-Expiring / Long Expiring Credentials 05
  • 25. Common Credential Expiration (Credential type: Length). Typical Corporate Password: 90 days; Newly issued SSL Certificates: 2 years; Typical Credit Card: 2-4 years; Massachusetts Driver’s License: 5 years; US Passport: 10 years; AWS IoT x.509 certificate: 30+ years!
  • 26. Credential Expiration • More convenient to leave non/long-expiring credentials • IoT credential expiration can be difficult to manage • Unmanned devices • Many could expire at the same time • Requires a deliberate plan for managing credentials
  • 27. Five Crazy Mistakes 01 Default / Common Passwords 02 Non-Diversified Keys 03 Unaccounted for Credentials 04 Non-Expiring / Long Expiring Credentials 05 Not Turning Off Former Employee Access
  • 29. Smart Water Meters (diagram: Smart Meter, Base Station, Data Center)
  • 30. Smart Water Meters (diagram: Smart Meter, Base Station, Data Center, with each link marked X)
  • 31. What should you do to minimize damage from ex-employees? 1. Disable ex-employee accounts 2. Change system passwords upon administrative employee’s departure 3. Audit authorized VPN users 4. Use Privileged Access Management (PAM)
  • 32. Five Crazy Mistakes 01 Default / Common Passwords 02 Non-Diversified Keys 03 Unaccounted for Credentials 04 Non-Expiring / Long Expiring Credentials 05 Not Turning Off Former Employee Access
  • 33. Next Steps. Read the white paper! https://www.beyondtrust.com/resources/white-paper/iiot-security-managing-identities-privileges/ For help putting an IoT cybersecurity plan in place, please contact us: Rob Black, CISSP, Fractional CISO, +1 617.658.3276, RBlack@FractionalCISO.com, @IoTSecurityGuy
  • 34. BeyondTrust IoT & PAM Rod Simmons – Product Manager
  • 35. The Cyber Attack Chain – Where is the Risk? Vulnerable Assets & Users; Unmanaged Credentials; Excessive Privileges; Limited Visibility. 88% of compromises used definable patterns established as early as 2014.¹ 80% of data breaches involve the use or abuse of privileged credentials on the endpoint.² 206 average days to detect a data breach.³ ¹Verizon 2017 Data Breach Investigations Report; ²Forrester Wave: Privileged Identity Management, Q3 2016; ³Ponemon 2017 Cost of a Data Breach Study
  • 36. The Cyber Attack Chain – Getting More Complex: Virtual & Cloud; IoT; DevOps; Connected Systems. 3X growth of hybrid cloud adoption in the last year, increasing from 19% to 57% of organizations surveyed.¹ 20.4 billion connected things will be in use worldwide by 2020, according to Gartner.² 50% of organizations implementing DevOps – it has reached “Escape Velocity.”³ ¹Forbes 2017 State of Cloud Adoption & Security; ²Gartner Press Release, Gartner Says 8.4 Billion Connected “Things” Will Be in Use in 2017, Up 31% From 2016, Feb 7, 2017; ³Forrester Q1 2017 Global DevOps Benchmark Online Survey
  • 37. Our Mission: Stop Privilege Abuse. Prevent Breaches. • Reduce attack surfaces by eliminating credential sharing, enforcing least privilege, and prioritizing and patching system vulnerabilities • Monitor and audit sessions for unauthorized access, changes to files and directories, and compliance • Analyze behavior to detect suspicious user, account and asset activity
  • 38. The New Perimeter. Evolving Infrastructure: Internal Employees; Client-Server; Partners & Contractors; WWW; Mobile; Cloud & IoT; Remote Employees; DevOps / A2A / A2DB. Expanding Accounts: more people, processes and technology have access to your systems and data than ever before. Mainstream adoption: DevOps 60%, Cloud 15%, IoT 56%
  • 39. Privilege Management – The New Perimeter. Cloud: Cloud Management Platforms (AWS, Azure); SaaS Applications (Facebook, LinkedIn, Custom). Hybrid Cloud: Virtualized Environments (VMWare, MSFT); Virtualized Machines (UNIX, Linux, Windows). IoT: Roaming workstations; BYOD; Cameras; Sensors; Printers. DevOps: DevOps Tools; Dynamic Virtual Environments; Containers; Microservices. On-Premise: Shared Administrator & Machine Accounts; Desktops and Servers (Windows, Mac, Unix, Linux); Security & Network Infrastructures & Industrial Control Systems; Apps, Databases & Servers; Hypervisors & Virtual Machines
  • 40. Privilege Management – The New Perimeter (Cloud, Hybrid Cloud, IoT, DevOps, On-Premise). Reduce Insider Threats: • Discover, manage & monitor all privileged accounts & keys • Enforce least privilege across all Windows, Mac, Unix, Linux and network endpoints • Gain control and visibility over privileged activities. Stop External Hacking: • Discover network, web, mobile, cloud and virtual infrastructure • Remediate vulnerabilities through prescriptive reporting • Protect endpoints against client-side attacks. Reveal Hidden Threats: • Aggregate users & asset data to baseline and track behavior • Correlate diverse asset, user & threat activity to reveal critical risks • Dynamically adjust access policies based on user and asset risk
  • 41. IoT & PAM: Best Practices: Discover & Inventory; Gain Accountability over Shared Accounts; Eliminate Hard-Coded Passwords; Restrict Privileges; Scan for Vulnerabilities; Ensure Configuration Compliance; Enforce Appropriate Credential Usage; Segment Networks
  • 42. IoT & PAM: Best Practices – Discover & Inventory: Continuous discovery of IoT assets across physical, virtual and cloud environments.
  • 43. IoT & PAM: Best Practices – Scan for Vulnerabilities: Continuous vulnerability assessment and remediation guidance of the IoT infrastructure and across adjacent physical, virtual and cloud environments.
  • 44. IoT & PAM: Best Practices – Ensure Configuration Compliance: Continuous configuration and hardening baseline scanning across physical, virtual and cloud deployed assets. Ensure configurations are consistent and properly hardened.
  • 45. IoT & PAM: Best Practices – Gain Accountability over Shared Accounts: Control and audit access to shared accounts and ensure that all audited activity is associated with a unique identity. Ensure that all passwords are properly managed and rotated across the IoT environment.
  • 46. IoT & PAM: Best Practices – Eliminate Hard-Coded Passwords: Control scripts, files, code, and embedded IoT passwords. Eliminate hard-coded credentials and replace them with dynamic API/CLI calls.
  • 47. IoT & PAM: Best Practices – Enforce Appropriate Credential Usage: Eliminate administrator privileges on end-user machines. Securely store privileged IoT credentials. Require a simple workflow process for check-out, and monitor privileged sessions.
  • 48. IoT & PAM: Best Practices – Segment Networks: Group IoT assets into logical units to reduce “line of sight” access. Utilize a secured jump server with MFA, adaptive access and session monitoring. Segment access based on context of the user, role, IoT device and data being requested.
  • 49. IoT & PAM: Best Practices – Restrict Privileges: Enforce least privilege across physical, virtual and cloud deployed assets.
  • 50. BeyondTrust Secures IoT: PowerBroker, a single platform that unites IoT security, maps the eight practices (Discover & Inventory; Gain Accountability over Shared Accounts; Eliminate Hard-Coded Passwords; Restrict Privileges; Scan for Vulnerabilities; Ensure Configuration Compliance; Enforce Appropriate Credential Usage; Segment Networks) onto Retina Vulnerability Management, PowerBroker Password Safe, and PowerBroker Desktop & Server Privilege Management.
  • 51. Why BeyondTrust? The PAM Industry Leader Leader: Forrester PIM Wave, 2016 Leader: Gartner Market Guide for PAM, 2017
  • 52. DEMO
  • 53. Poll + Q&A Thank you for attending!
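The per-device key diversification of slide 15 (a scripted provisioning step that gives every device its own key) and the staggered expiry that slides 25 and 26 call for, as an added Python example that is not from the deck or from any vendor product. The HMAC-based derivation, the serial numbers, the master secret and the lifetimes are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
from datetime import date, timedelta

# Constructed factory master secret for this example; in a real provisioning
# station it would live in an HSM and never be written to a device.
MASTER_SECRET = secrets.token_bytes(32)


def diversify_key(master: bytes, serial: str) -> bytes:
    """Per-device key = HMAC-SHA256(master, label || serial) (assumed scheme).
    Different serials give unrelated keys, so one leaked device key reveals
    nothing about other devices or about the master."""
    return hmac.new(master, b"iot-device-key|" + serial.encode(), hashlib.sha256).digest()


def staggered_expiry(issued: date, serial: str, base_days: int = 365, jitter_days: int = 90) -> date:
    """Spread expirations so a fleet provisioned on one day does not all expire
    on one day; the offset is a deterministic function of the serial."""
    offset = int.from_bytes(hashlib.sha256(serial.encode()).digest()[:4], "big") % jitter_days
    return issued + timedelta(days=base_days + offset)


def provision(serials, issued: date) -> dict:
    """Provisioning-station step: {serial: (device_key, expiry)}. The key is
    written to the device; the cloud needs only the master and the expiry."""
    return {s: (diversify_key(MASTER_SECRET, s), staggered_expiry(issued, s)) for s in serials}


def device_sign(device_key: bytes, message: bytes) -> bytes:
    """Device side: authenticate a telemetry message with its own key."""
    return hmac.new(device_key, message, hashlib.sha256).digest()


def cloud_verify(serial: str, message: bytes, tag: bytes, expiry: date, today: date) -> bool:
    """Cloud side: re-derive the device key from the master instead of storing
    a copy per device, and reject a credential that has expired."""
    if today > expiry:
        return False
    expected = device_sign(diversify_key(MASTER_SECRET, serial), message)
    return hmac.compare_digest(expected, tag)


def expiring_within(fleet: dict, today: date, days: int) -> list:
    """Rotation planning: serials whose credential expires in the next `days` days."""
    horizon = today + timedelta(days=days)
    return sorted(s for s, (_, exp) in fleet.items() if today <= exp <= horizon)
```

Running `provision` over a list of serials and feeding the result to `expiring_within` each day gives the deliberate rotation schedule slide 26 asks for.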