X
Sign up for the monthly live demo session
or for a one-on-one demo.
logo

Log In

[templated item][templated item][templated item][templated item][templated item][templated item][templated item][templated item]
News

News | Webinars

Webinars

Past WebinarsLast 12 Months

Security Vulnerabilities Associated With Having Local Administrator Privileges

Speaker: Paula Januszkiewicz | August 12 at 2:00 PM EDT

Paula Januszkiewicz, IT Security Auditor, Enterprise Security MVP, trainer (MCT) and Microsoft Security Trusted Advisor, will be conducting a discussion that centers on the security threats that are related to having excess local administrator privileges. The situations to be explored include:

  • Owned Identity: Grabbing users' Kerberos tickets
  • Extracting passwords from the operating system: who, where, and how
  • Pass-the-hash scenario where excessive admin rights are exploited to steal the credentials of an admin

After Paula's discussion, Alex Shoykhet, Viewfinity's VP of Product Management, will demonstrate how Viewfinity supports the principal of least privilege rights. He'll discuss how removing admin rights from users and managing privileges at a granular application level reduces the attack surface and helps to stop hackers in their tracks from using local administrative privileges as a back door to stealing credentials via pass-the-hash invasions.



Past Webinars

Saving Time and Resources Managing Administrator Rights

Speaker John Pescatore | July 22 at 1:00 PM EDT

In this WhatWorks analysis, John Pescatore examines a use case where end users had local administrative rights on their PCs and it had gotten out of hand for this Fortune 500 Energy and Utilities company. The compelling event that prompted the company to reexamine this situation was the migration to Windows 7. In Windows XP, a custom tool that allowed users one of three levels of administrative rights to their workstations would need to be replaced during the Windows 7 deployment. The workstation Architect spearheaded a search for a Privilege Management product. The Viewfinity solution he found allowed him to implement a process-based whitelist that supports a variety of more than 3,000 applications installed for business use and significantly decreased the manpower required to support user installation and privilege elevation requests. Local administrative rights have been removed and any user needs requiring administrative rights are handled automatically using the Viewfinity software ensuring we are always operating in a least risk environment.

Customer Use Case Review: Tullow Oil

July 16, 2014 at 9:30 am ET

Tullow Oil is a leading independent oil and gas, exploration and production group and is quoted on the London, Ghana and Irish Stock Exchanges (symbol: TLW.L).  Headquartered in London, it is one of the largest independent oil and gas exploration and production companies in Europe with a focused portfolio of world-class assets.  Tullow has interests in over 100 production and exploration licenses in 22 countries which are managed as three regional business units: West & North Africa, South & East Africa and Europe, South America and Asia.

The Challenge:
The company's network includes 2300 desktops running more than 300 applications including 35 custom applications.  There are also ~40 remote locations with hundreds of people travelling around the world on a daily basis.  Providing administrator level rights across the machine enabled users to easily engage in tasks which could threaten the performance of the machine, open doors to infection or probing of the Tullow network and other unintended consequences.

Tullow Oil now has the ability to apply elevated permissions on a per application or per service basis.  We'll explain how this increases IT's ability to maintain a standard desktop/laptop build globally, reducing pressure on our local IT teams to offer machine admin permissions and increase our overall network security.

Emerging Security Trends with John Pescatore

Speaker: John Pescatore | June 10 at 3:00 PM EDT

Overview

Threats are advancing constantly and users are demanding to use more devices and more cloud services. John Pescatore will give a data-driven presentation on the recent and future trends in advanced threats, and highlight the evolution (and some revolution) needed in security processes, architecture, and technology in order to protect the business in 2014 and beyond. The discussion will use the Critical Security Controls as the foundation of an approach to security that can deter more attacks, detect more quickly the ones that do get through and minimize the damage of attacks that go undetected.

Speaker Bio

John Pescatore

John Pescatore joined SANS in January 2013, with 35 years of experience in computer, network and information security. He was Gartner's lead security analyst for more than 13 years, working with global 5000 corporations, government agencies and major technology and service providers. In 2008, he was named one of the top 15 most influential people in security and has testified before Congress on cybersecurity. Prior to joining Gartner Inc. in 1999, John was senior consultant for Entrust Technologies and Trusted Information Systems. Prior to that, he spent 11 years with GTE developing secure computing and telecommunications systems. In 1985, he won a GTE-wide Warner Technical Achievement award. Mr. Pescatore began his career at the National Security Agency, where he designed secure voice systems, and the United States Secret Service, where he developed secure communications and surveillance systems--and the occasional ballistic armor installation. He holds a bachelor's degree in electrical engineering from the University of Connecticut and is an NSA-certified cryptologic engineer. He is an Extra class amateur radio operator, callsign K3TN.

Saving Time and Resources Managing Administrator Rights with a Process-based Whitelist Model

Speaker: John Pescatore | June 05 at 1:00 PM EDT

In this WhatWorks analysis, John Pescatore examines a use case where end users had local administrative rights on their PCs and it had gotten out of hand for this Fortune 500 Energy and Utilities company. The compelling event that prompted the company to reexamine this situation was the migration to Windows 7. In Windows XP, a custom tool that allowed users one of three levels of administrative rights to their workstations would need to be replaced during the Windows 7 deployment. The workstation Architect spearheaded a search for a Privilege Management product. The Viewfinity solution he found allowed him to implement a process-based whitelist that supports a variety of more than 3,000 applications installed for business use and significantly decreased the manpower required to support user installation and privilege elevation requests. Local administrative rights have been removed and any user needs requiring administrative rights are handled automatically using the Viewfinity software ensuring we are always operating in a least risk environment.

The user in this case study served as the Workstation Architect for his company. In his role, he was responsible for all aspects of the project to migrate the company from Windows XP to Windows 7. This included leading the teams that gathered requirements, designed solutions and implemented the project corporate wide. Other responsibilities included oversight of the solutions for software packaging and delivery and the Citrix environment.

Defend Against Breaches with CA and Viewfinity: Privileged Identity Management and Least Privilege Application Control

May 21, 2014 at 1:00 pm EDT

Security breaches are driving the need to manage and audit privileged user accounts, all the way from the “gate-keeper” via password management control, through to the specific privileges and application access via least privilege management principles. 

When CA ControlMinder is used in combination with Viewfinity’s Privilege Management and Application Control solutions, the proven technologies together reduce the risks associated with privileged identities.  CA ControlMinder protects servers by enabling organizations to enforce accountability for their administrators, prevent password theft and sharing.  Viewfinity provides fully automated application control features and administrative privilege capabilities. Jointly, enterprises benefit from a comprehensive solution available for tracking and auditing all privileged and administrative activities, passwords and elevated privilege policies across an organization's entire infrastructure.  The solution spans Windows-based endpoints, to UNIX, Linux and Windows servers, hypervisors, virtual machines, remote based-endpoints and other systems within the organization.

In this joint webinar, we will show how the two products work together to protect companies who require fully automated password management and privileged account auditing along with application monitoring, whitelisting and elevation of privileges for specific applications and tasks in a least privilege environment.  

Eliminating Admin Rights - Learn From Your Peers via Actual Use Cases

April 24, 2014 at 2:00 PM EDT

Certain Windows applications and desktop functions require local administrative privileges in order to run and function properly on a desktop or laptop. But granting full admin rights creates a less secure environment and opens the door for malicious hackers and viruses. During this webcast, three use case scenarios will be presented by IT professionals who will share how they approached their projects to eliminate admin rights. They will walk through their research, solution and results.

Use case scenarios
1. Movado: lessened malware invasions and thus reduced support calls and enhanced endpoint security.
2. Indian Prairie School District: removed rights to better manage & secure 10,000+ PCs spread over 35 locations.
3. Energy & Utilities Fortune 500 company: removed admin rights during Windows 7 rollout.

Attendees will 1) learn how to resolve the administrative privileges problem without jeopardizing your network; 2) how to automatically control user rights for applications and systems which require elevated permissions; 3) be shown a brief demonstration of the solution they put in place to manage admin rights.

A Case Study: Hear How a Customer Is Actively Managing Admin Rights in a Least Privilege Environment

Speaker: Phillip Stasko, March 26, 2014 at 2:00 PM EDT

Join Phillip Stasko as he shares how he removed administrative rights from all desktops and laptops in his organization. Phil will describe how he was able to effectively remove administrator rights from all employees without impeding user productivity, and how he supports their least risk environment with a lean IT Staff of only three support members responsible for 500+ endpoints spanning 35 geographically disbursed branch offices.

Phil willl describe his challenges and how the Viewfinity solution helps him improve the company’s endpoint security, and how Apex has experienced a significant savings in desktop management costs.

Viewfinity will also demonstrate its Privilege Management product. We’ll show how IT administrators can manage and assign administrative privilege permissions in a locked down environment to specific applications and desktop functions through granular control of administrator rights.

A Use Case Cause and Effect IT Security Discussion: Windows Admin Privileges and Application Control

Speaker: Derek Malber, MVP - Tuesday, November 12, 2013, 2:00 PM EST

Join us for a use case presentation probing into the cause and effect of IT security loopholes created by Windows local admin privileges and the lack of application control. In this webcast Derek Melber, MVP, will explain how combining least privilege and application control can provide an optimal solution for securing endpoints. Take away: companies can make the decision to remove local admin privileges for users and control which applications are allowed without impeding productivity.

 

Thwart off Application-Based Security Exploits: Protect Against Zero-Day Attacks, Malware, Advanced Persistent Threats

Speaker: Sean Power, CIO of Lathrop & Gage - October 22, 2013 at 2:00 pm ET

A great danger exists if administrative rights are allowed in a whitelisting model: users that retain administrative rights may attempt to bypass or uninstall application control agents, and attackers may target the whitelisting mechanism to get bad code recognized as legitimate.

Join our featured speaker, Sean Power, CIO of a prominent law firm, in this interactive webinar to learn how you can:

  • Explore the use cases for whitelisting and the removal of administrative rights. 
  • Leverage an ideal solution that removes admin rights and sets up an application control framework that allows approved applications. 
  • Protect against sophisticated zero-day attacks, malware, advanced persistent threats and other application-based exploits.
  • Utilize an automated whitelisting product that reduces the amount of time IT must spend managing the whitelist profile. 

Register for this webcast now to learn how you can close a dangerous security loophole and add a fortified level of security against advanced persistent threats.

All attendees will receive the whitepaper Layers of Cyber Security: Modern Security Threats By Leonid Shtilman.

 

A Use Case Cause and Effect IT Security Discussion: Windows Admin Privileges and Application Control

Speaker: Derek Melber, MVP - October 10, 2013 at 2:00 pm ET

Every company struggles with the decision to remove local admin privileges for users. We struggle because we know that removing local admin privileges will prevent many applications from running. In lieu of removing local privileges we might have considered application control, but find that this alone does not prevent the user from having local admin privileges, thus leaving the computer vulnerable.

In this webcast Derek Melber, MVP, will walk through several use cases scenarios that present the cause and effect leading to security risks related to local administrative privileges and an unmanaged application whitelisting environment.

This tangible discussion examines the issues related to both least privilege and application control, and proposes why combining them provides the most impressive technical solution for securing endpoints you have ever seen. Reserve your seat today!

Microsoft and Viewfinity present: Windows 8 Endpoint and Application Security

 

In this webcast, Microsoft and Viewfinity explore the capabilities for managing security on Microsoft Windows 8 endpoints and applications. The discussion covers both Windows Store and legacy applications. Krish Sundaresan from Microsoft covers off on the Microsoft platform capabilities in Windows 8, System Center Configuration Manager and Microsoft AppLocker are then Alex Shoykhet from Viewfinity discuss how the Viewfinity Application Control and managed privileges solutions complement and enhance the security and application management experience. The solution offers a holistic approach to the various security layers needed to secure your environment as well as adhere to compliance regulations.

Presenters: 

Krish Sundaresan, Technical Architect, Microsoft Technology Center New York City 
Alex Shoykhet, VP of Product Management, Viewfinity

Whitelisting and Removal of Admin Rights Together Form a Best-in-Class Security Solution

 

During this webinar, we will discuss market trends, reasons for increased adoption and best practices related to whitelisting. What specific capabilities should you look for in a commercial solution? How can you effectively implement an application control solution? What are the security and operational benefits of using application control reinforced with managed administrative privileges?

In this program, we address those questions and more with two of the leading experts in the industry, Neil MacDonald, Vice President, Distinguished Analyst and Gartner Fellow Emeritus at Gartner Research and Leonid Shtilman, CEO of Viewfinity. They'll discuss use cases and provide practical advice on how to harness the power of marrying application control and privilege management solutions together to form a best-in-class security solution.

Whitelisting and Removal of Admin Rights: Thwart Off Application-Based Security Exploits

Tuesday, July 30, 2013 at 11:00 am PT / 2:00 pm ET

Learn how this winning combination closes a dangerous security loophole and adds a fortified level of security to protect against sophisticated zero-day attacks, malware, advanced persistent threats and other application-based exploits.

Greg Shields will explore the great danger that exists if administrative rights are allowed in a whitelisting model: users that retain administrative rights may attempt to bypass or uninstall application control agents, and attackers may target the whitelisting mechanism to get bad code recognized as legitimate. The ideal solution is to remove administrative rights from end users and set up a risk-based application control framework that allows approved applications and doesn't necessarily block all unknown applications but instead establishes default behavior for managing applications not yet classified.

Watch as Viewfinity explains how its automated whitelisting reduces the amount of time IT must spend managing the whitelist profile. The automated rating and restricting of unclassified applications proactively secures applications that have not yet been classified, allowing them to run while restricting privileges and limiting access to resources. Whitelisted applications run in standard user mode even if an application explicitly requires admin rights. When this is the case, the software simply elevates privileges for the application, not the user.

Speakers:

Greg Shields, Microsoft MVP, Concentrated Technology

Alex Shoykhet, VP of Product Management, Viewfinity










Copyright © 2007-2013 Viewfinity, Inc. All rights reserved.




News