Remediant, privileged access management (PAM) provider that enables customers to protect against ransomware by preventing lateral movement, announced interoperability between its SecureONE solution and VMware Carbon Black Cloud to deliver integrated PAM and endpoint detection and response.
The new capability combines the power of Remediant’s privileged identity security context with VMware Carbon Black Cloud Endpoint, enabling organizations to implement Zero Trust security — without adding an additional PAM agent. Today, organizations require visibility to privileged identities to reduce overall enterprise risk by stopping attacks before endpoints are compromised. VMware Carbon Black Cloud Endpoint provides device-centric visibility and monitors for malicious behavior. Remediant focuses on “Zero Standing Privilege” (ZSP) by removing 24×7 admin rights (“Just-In-Case” administrator / privileged rights) from endpoints in favor of Just-In-Time (JIT) access.
The interoperability with VMware Carbon Black Cloud will help prevent:
- Unnecessary administrator user accounts, which attackers use to expand the scope of their attack
- Persistent standing privileged access that attackers use to compromise an organization broadly. For example:
- An attacker with a compromised admin account can disable endpoint agents
- Changing system configuration
- Lateral movement of an attacker posing as a real administrator using compromised credentials
Now, Remediant SecureONE customers using VMware Carbon Black Cloud can extend their reach to maintain ZSP and JIT access when endpoints are outside the corporate network and VPN. Organizations can maintain SecureONE management of Windows systems with VMware Carbon Black Cloud even when SecureONE cannot reach them. Together, SecureONE and VMware Carbon Black Cloud can help enhance security for the growing remote workforce.
Key use cases include:
- Helpdesk staff can enable their privileged access to support the systems outside the network
- Security Operations (SecOps) can determine privileged access and enforce the desired JIT privileged access on a system
- Remote users such as software developers (DevOps) can install software and make system config changes using privileged access
Traditional PAM strategies have left companies ill-prepared for the identity-based attacks on endpoints. The interoperability between Remediant and VMware Carbon Black Cloud better enables organizations of all sizes to protect their endpoints by discovering and restricting 24X7 privileged account sprawl.
“As the threat landscape evolves, security and IT teams must be empowered to detect and stop emerging attacks,” said Chris Goodman, director of technical alliances, Security business unit, VMware. “Leveraging the VMware Carbon Black Cloud, Remediant can help customers bolster their defenses by deploying Zero Trust privileged access management that helps better detect and prevent lateral movement in compromised accounts.”
“The damage caused by compromised privileged accounts increases rapidly over time as attackers move laterally through the network environment. It’s critical to detect and prevent lateral movement and ransomware as soon as possible after an attacker enters the network,” said Paul Lanzi, COO and co-founder of Remediant. “The combined capabilities of Remediant’s Zero Standing Privilege (ZSP) approach and JIT access with VMware Carbon Black’s Cloud EDR turns the tables, putting attackers on the defensive and stopping attacks well before valuable endpoints are compromised.”
VMware and Carbon Black are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions.
Image Licensed by: pixabay.com