A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Managing Elevated Privileges in the Enterprise Environment - Erik Burgess BSides Indy 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

Managing Elevated Privileges in the Enterprise Environment
Erik Burgess
BSides Indy 2016

I'm sure we've all experienced the chaos that a user with Administrative privileges can cause. Preventing or limiting damage, regardless of the severity, is paramount to the continued long-term survival of any organization. In this talk, I will identify some of the challenges that you are likely to face from your user community when implementing least privilege. I will also demonstrate how to identify and eliminate some types of application dependencies on privilege requirements. In a culmination of these ideas, I will show one method currently being used to automate the management and tracking of elevated privileges in a real-world environment through a variety of tools and scripts. The benefits of removing Administrative privileges far outweigh the risks, but a complete analysis of the environment and discovery of dependencies needs to be performed to help facilitate the planning and preparation of the deployment.

Back to BSides Indy 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast