KuppingerCole Report
Whitepaper
By Martin Kuppinger

Manage privileged access from everyone & everywhere. Understand your risks. Become compliant.

Privileged Accounts are the high-risk accounts – and they are the target of attackers, both internals and externals. SOCs must implement modern Privilege Management as part of their overall toolset, for identifying and countering attacks. Session Monitoring and Privileged User Behavior Analytics are cornerstones of a modern SOC.

1 Introduction

The IT landscape is undergoing its biggest change at least since the introduction of the PC. Cloud services and mobile devices stand for the hyper-con ...

Login Free 30-day Select Access Get full Access

2 Highlights

  • The changing requirements of SOCs: New types of attacks and the increase in numbers require new approaches for countering attacks
  • Regulatory compl ...
Login Free 30-day Select Access Get full Access

3 SOCs, Risks, and Compliance

Ever-increasing cyber-risks and the growing number of ever-tightening regulations and audits change the requirements for SOCs and Privilege Management ...

Login Free 30-day Select Access Get full Access

3.1 The changing Risk Landscape

Over the past years, external attacks increased massively. On the other hand, internal attacks remain at a high level, with many of the internal attac ...

Login Free 30-day Select Access Get full Access

3.2 The ever-tightening Regulations

While the risks grow, organizations are on the other hand facing ever-tightening requirements for regulatory compliance. Over the past years, the numb ...

Login Free 30-day Select Access Get full Access

3.3 The changing Role of SOCs

A central element in fighting the ever-increasing cyber-attacks are SOCs – if organizations have these. In many cases, the IT security department ta ...

Login Free 30-day Select Access Get full Access

3.4 Who are today’s Privileged Users?

The third area of change are the users to deal with. Traditionally, the focus has been on a restricted number of internal, highly privileged users suc ...

The change in both risk perception and factual risks and the growing number of ever-tightening regulations and audits lead to an increase in the numbe ...

Login Free 30-day Select Access Get full Access

4 Privilege Management: Beyond Shared Account Passwords

Privilege Management is changing. While protecting passwords of shared accounts has been the main discipline in past times, analytics and monitoring a ...

Login Free 30-day Select Access Get full Access

4.1 The new scope of Privilege Management

This new scope and role of Privilege Management becomes obvious when looking at the variety of use cases organizations are facing today. Figure 1 illu ...

On the other hand, the perception of what a privileged account is has changed. It is no longer only or primarily the shared account, but every account ...

Login Free 30-day Select Access Get full Access

4.2 The Privilege Management Cycle

In consequence, Privilege Management becomes more complex. When implementing or expanding a Privilege Management approach, organizations must focus on ...

Major questions organizations should raise for themselves are:

  • Do we know about all our privileged accounts?
  • Do we protect all privileged accoun ...
Login Free 30-day Select Access Get full Access

4.3 SOCs and Logs

When looking at the Privilege Management Cycle, there are three phases that require attention, but also new technologies – even more, when looking a ...

Login Free 30-day Select Access Get full Access

4.4 Modern Privilege Management

Modern Privilege Management thus is broader than it has been considered previously. Shared Account Password Management and the related capabilities re ...

Session Management is what enables controlling not only access to certain accounts and sessions, but monitoring, recording, and restricting what happe ...

Login Free 30-day Select Access Get full Access

5 The Balabit Approach on mitigating Risk and achieving Compliance

Balabit provides a platform that support customers in addressing the emerging requirements of modern SOCs and Privilege Management. The three solution ...

Login Free 30-day Select Access Get full Access

5.1 Balabit syslog-ng

Balabit syslog-ng is offered in three different editions. All of these editions add a number of capabilities to the standard syslogd. The entry level ...

Login Free 30-day Select Access Get full Access

5.2 Balabit Shell Control Box

Shell Control Box is a standalone appliance that controls, monitors and audits remote administrative access to servers and network devices. It is deli ...

Login Free 30-day Select Access Get full Access

5.3 Balabit Blindspotter

Blindspotter is the latest addition to the company’s portfolio, released in 2015 as a solution for real-time user behavior analysis to help identify ...

Login Free 30-day Select Access Get full Access

6 Recommendations

KuppingerCole recommends organizations reviewing their Privilege Management approach and taking a broader view on this essential element of their IT S ...

Login Free 30-day Select Access Get full Access

Copyright

©2020 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarksTM or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole Analysts, founded in 2004, is a global analyst company headquartered in Europe focusing on Information Security and Identity and Access Management (IAM). KuppingerCole stands for expertise, thought leadership, outstanding practical relevance, and a vendor-neutral view on the information security market segments, covering all relevant aspects like: Identity and Access Management (IAM), Governance & Auditing Tools, Cloud and Virtualization Security, Information Protection, Mobile as well as Software Security, System and Network Security, Security Monitoring, Analytics & Reporting, Governance, and Organization & Policies.

For further information, please contact clients@kuppingercole.com.

top