Ivanti at Microsoft Ignite 2018: Beaches Are Better Than Breaches
Microsoft Ignite is just around the corner—as is the Microsoft attendee celebration at Universal, where I will as usual spend all my time at The Wizarding World of Harry Potter. As one does.
But I digress.
Before any show, I like to plan out more than how I’ll hit as much of the entertainment as possible before admitting defeat and acknowledging I’m not as young as I used to be. I also like to revisit the cyber security landscape in preparation for the discussions I’ll have with customers and prospects at our booth (#1600). I am there on the company dime, after all, and this is a bigger passion of mine even than Florean Fortescue’s Ice Cream Parlour in Diagon Alley (though, if you haven’t tried the Earl Grey & Lavender confection there, you haven’t lived).
So, back to the matter at hand: What do we know about cyber attackers in 2018?
- They can topple critical infrastructure worldwide.
- Attackers appear to be intent on making that happen.
- Their methods are growing in sophistication.
We know they’re using more than the EternalBlue exploit to infect other systems, for example. Some are using tweaked builds of open source exploitation tool Mimikatz to extract cached network administrator credentials out of a machine’s running memory. In turn they’re using these credentials to commandeer other computers, taking advantage of the fact that far too many organizations employ flat networks where admins on one endpoint can control other machines.
Others are breaking into and surveying a victim’s network before deploying and running malware—getting a lay of the land and figuring out which of various methods of attack is likely to prove fruitful. They’re also changing their tactics during attacks. If one approach doesn’t work, they’ll try another and another.
How can security and IT pros protect their organizations from these kinds of sophisticated, layered attacks? At Ivanti we have a goal of helping you rapidly define the starting point for your own layered defenses and direct your resources to actions with a rapid and high-value payoff.
Ivanti at Ignite: Sept. 24–28 in Orlando, Florida: Booth #1600
At Ignite we’ll be focused on demonstrating the tools experts agree work in tandem to create the largest barriers to modern cyber attacks. We may not be there just to party with other attendees at Universal, but we will be talking about how Security and IT pros can work together to make work less of a firestorm and life more enjoyable overall.
Come see us at booth #1600 for a demo of Ivanti Application Control, for example. We’ll show you how you can take back your admin rights but still enable users to do what they need to. See how we take a full admin back down to a regular user and provide escalation of privileges where and when needed—from access to install applications, install a printer, use PowerShell, or whatever the user may need, but nothing more than what that user should have. You can also take that full administrator and strip away the things they should not have access to. Take PowerShell away, for example, or access to specific capabilities. Limit administrative privilege to specific consoles, applications, services, and commands, reducing the risk of admins introducing malware, halting essential services, or affecting performance of mission-critical services.
But, we were talking layers, yes? Layered attacks and the kinds of layered defenses you need in place to best combat these. We’d love to show you what we’re doing to bring together the granular privilege management and dynamic whitelisting in Ivanti Application Control with Ivanti Patch for Windows, which can patch your physical and virtual Windows environments against exploits like Eternal Blue and offers the largest third-party patch catalog in the world. When the vast majority of software vulnerabilities come third-party applications, you need to know you have comprehensive patch management under control. And we’re integrating industry-leading solutions for three of the security controls considered the most important to have in your arsenal—in one product. Come see how easily you can create a policy to manage patching, application control, and privilege management from a single agent.
While you’re at booth #1600, stick around to see how we can take a vulnerability assessment from whatever vendor you are using—Rapid 7, Tenable, Qualys, BeyondTrust, and so on—find all of the patches that relate to those CVEs, and build a patch group of updates that you can quickly approve for remediation in your environment.
Each time a vulnerability report is handed off to IT, it can take hours of research to identify how to resolve it—time an attacker can make use of to gain a foothold in your organization and access to sensitive data. So, we’ve streamlined this process, helping to protect your environment and enabling you and your team to focus on more strategic projects.
If your jam is SCCM, we’ll show you how this works in that environment. We can do the same thing with our SCCM plug-in, Patch for SCCM.
We’ll also show you how simple we make it to patch third-party applications from within SCCM. Our solution uses just one patch catalog, which also happens to be the largest in the industry, and we provide expertly tested patches that simplify that part of the project off as well. One vendor, one patch catalog, one breezy solution to do it all!
At Ivanti we don’t think the fun and relaxation should begin or end with the attendee celebration at Ignite. Book a 1:1 with our experts to win gift certificates for future vacation adventures. And stop by our booth #1600 to see all we have going on and partake of a refreshing smoothie (which I’m told won’t be Earl Grey & Lavender flavored, but will no doubt offer a delectable break from the Orlando heat and show floor madness).