Featured

Contributor:
Mark Austin
March 19th, 2010

Windows Security Catalogs and Effective Application Control

Solutions that provide application whitelisting or application control need to provide the administrator with a set of rules that can be used to precisely identify applications. The most common types of rule will check the file name or certain attributes of the file, as these rules are relatively simple to maintain, and in most circumstances will provide adequate protection, assuming a least privilege approach is in place, where users can’t tamper with application files.

Continue Reading

Turning Concern into Action

Edward Snowden’s data leakage at the NSA has certainly caused a ripple effect across the entire IT landscape, forcing organizations across all industries to take a closer look at their current security defenses. At the McAfee FOCUS conference in October this year, we conducted a survey to examine just how closely security professionals were rethinking their approaches to security as a result of the NSA incident. And just as important – if not more – was determining how many of those professionals were actually converting these attitudes to action.

Continue Reading


The Rise and Rise of ‘Standard’ Mode

User Account Control was a great idea but it has taken privilege management to fulfill its potential

How did computer security get into such a troubled and confused state? It’s a question security professionals must ask themselves on a daily basis as they face demands that threaten to explode budgets while offering no guarantee that any of the expensively-assembled defenses will actually work.

The roots of the malaise goes back to the early years of the millennium when enterprises and consumers using Windows 2000 and Windows XP were suddenly ambushed by waves of clever software attacks that warned the world that criminals had floored an evolutionary accelerator pedal. By the time XP and Windows received its first major security upgrade in the form of Service Pack 2 in 2004, it was becoming clear that security had entered an unsettling era that might take decades to play out.

Continue Reading


Whose job is it to watch the Admins?

Administrators, privileged network deities or just a type of ordinary network user much the same as anyone else?  Years into an age where IT security has become a mainstream topic, this remains the sort of polarizing question that can provoke one of two reactions; shock or relief.

Continue Reading


Enhanced User Experience in Privilege Guard v3.8

Privilege Guard’s UAC Replacement Extends to MSI Packages

For quite some time we have supported Windows Installer packages, empowering standard users to run MSI’s, MSU’s and MSP’s that would require administrator privileges to complete. This functionality is fundamental in most least privilege deployments, where power users are delegated the privilege of choosing their own productivity tools.

We worked closely with our customers to understand how we can improve this offering, and came up with some additional use cases. We listened, and we delivered a much better user experience in 3.8.

Continue Reading


Beware the USB Stick!

Privilege Guard v3.8 introduces Drive Rule

The Drive Rule is a new validation rule that lets you match applications being executed from particular types of drive.  Not too dissimilar in concept to the file path rule (where applications are matched based on their directory location), the drive rule lets you target the drive itself.

Continue Reading