CyberArk

Endpoint admin privileges and security

Attackers use a compromised endpoint as a foothold to expand their intrusion within the environment. If the compromised user has administrative privileges, the attacker can abuse those privileges.

Risks of giving administrator privileges

An environment in which users are given administrator privileges offers the following advantages from the attacker's point of view.

Change system configuration

Attackers can freely change settings to make their attack easier:
  • Installing and running services
  • Installing malicious software
  • Disabling or uninstalling antivirus software, etc.

Steal password information

Credential theft, including access to password hashes that remain in memory

Create or modify user accounts

Create a backdoor account and use it for persistent infiltration

Challenges in endpoint privilege management

The biggest challenge is how to balance convenience and security.

CyberArk solves your endpoint privilege management headaches!

Endpoint Privilege Manager (EPM) Functional Overview

Achieving Least Privilege
  • Revoking administrator privileges from user terminals
  • Users can use privileges only for necessary operations according to pre-defined policies
  • Monitoring privileged behavior
Application control
  • Allow or prohibit the execution of applications
  • Applications not covered by the rules can be allowed to run in restricted mode
    Examples:
    • Allow the application to run, but do not allow operations that require administrator privileges
    • Do not allow the application to communicate with the Internet
    • Do not allow the application to access other files
Privilege protection, threat detection
  • Detects and blocks access to credentials that remain in memory or browsers
  • Detects and blocks file access by ransomware

Usage image

By creating a policy, it is possible to control permission/non-permission for operations involving administrator privileges.

Architecture

  • The management console and policy server are provided as SaaS.
  • The EPM agent is installed on the customer's terminals.
Features of EPM Agent

  • It is very lightweight and uses less than 1% CPU on average.
  • It supports Windows and macOS.
  • The terminal on which the EPM Agent is installed requires HTTPS/443 communication to the Internet.
  • Installation does not require OS reboot.
