Identity Attack Vectors: Implementing an Effective Identity and Access Management Solution
暫譯: 身份攻擊向量:實施有效的身份與存取管理解決方案
Haber, Morey J., Rolls, Darran
商品描述
Discover how poor identity and privilege management can be leveraged to compromise accounts and credentials within an organization. Learn how role-based identity assignments, entitlements, and auditing strategies can be implemented to mitigate the threats leveraging accounts and identities and how to manage compliance for regulatory initiatives.
As a solution, Identity Access Management (IAM) has emerged as the cornerstone of enterprise security. Managing accounts, credentials, roles, certification, and attestation reporting for all resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities increase exponentially. As cyber attacks continue to increase in volume and sophistication, it is not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through privileged attacks and asset vulnerabilities.
Identity Attack Vectors details the risks associated with poor identity management practices, the techniques that threat actors and insiders leverage, and the operational best practices that organizations should adopt to protect against identity theft and account compromises, and to develop an effective identity governance program.
What You Will Learn
- Understand the concepts behind an identity and how their associated credentials and accounts can be leveraged as an attack vector
- Implement an effective Identity Access Management (IAM) program to manage identities and roles, and provide certification for regulatory compliance
- See where identity management controls play a part of the cyber kill chain and how privileges should be managed as a potential weak link
- Build upon industry standards to integrate key identity management technologies into a corporate ecosystem
- Plan for a successful deployment, implementation scope, measurable risk reduction, auditing and discovery, regulatory reporting, and oversight based on real-world strategies to prevent identity attack vectors
Who This Book Is For
Management and implementers in IT operations, security, and auditing looking to understand and implement an identity access management program and manage privileges in these environments
商品描述(中文翻譯)
發現不良的身份與權限管理如何被利用來妥協組織內的帳戶和憑證。了解如何實施基於角色的身份分配、權限和審計策略,以減輕利用帳戶和身份的威脅,以及如何管理合規性以符合監管要求。
作為解決方案,身份存取管理(Identity Access Management, IAM)已成為企業安全的基石。管理所有資源的帳戶、憑證、角色、認證和證明報告現在已成為安全和合規的要求。當身份盜竊和不良身份管理被利用作為攻擊向量時,風險和脆弱性會指數性增加。隨著網路攻擊的數量和複雜性持續增加,問題不在於是否會發生事件,而在於何時會發生。威脅行為者針對帳戶、用戶及其相關身份,通過特權攻擊和資產脆弱性進行惡意活動。
《身份攻擊向量(Identity Attack Vectors)》詳細說明了與不良身份管理實踐相關的風險、威脅行為者和內部人員利用的技術,以及組織應採用的操作最佳實踐,以防止身份盜竊和帳戶妥協,並發展有效的身份治理計劃。
您將學到的內容:
- 理解身份背後的概念,以及其相關的憑證和帳戶如何被利用作為攻擊向量
- 實施有效的身份存取管理(IAM)計劃,以管理身份和角色,並提供合規性認證
- 了解身份管理控制在網路攻擊鏈中的角色,以及如何將特權管理作為潛在的弱點
- 基於行業標準,將關鍵身份管理技術整合進企業生態系統
- 規劃成功的部署、實施範圍、可衡量的風險降低、審計和發現、監管報告及監督,基於現實世界的策略來防止身份攻擊向量
本書適合對象:
IT運營、安全和審計領域的管理人員和實施者,尋求理解和實施身份存取管理計劃並在這些環境中管理特權。
作者簡介
Morey J. Haber is Chief Technology Officer at BeyondTrust. He has more than 20 years of IT industry experience, and has authored two Apress books: Privileged Attack Vectors and Asset Attack Vectors. He joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. He currently oversees BeyondTrust technology management solutions for vulnerability, and privileged and remote access. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.
Darran Rolls is CISO and Chief Technology Officer at SailPoint, where he is responsible for directing the company's technology strategy and security operations. He has a long history in identity management and security at companies such as Tivoli Systems, IBM, Waveset Technologies, and Sun Microsystems. He has helped design, build, and deliver innovative, ground-breaking technology solutions that have defined and shaped the identity and access management (IAM) industry. He frequently speaks at industry events and to customers about IAM and next-generation enterprise security solutions.
作者簡介(中文翻譯)
**Morey J. Haber** 是 BeyondTrust 的首席技術官。他在 IT 行業擁有超過 20 年的經驗,並且是兩本 Apress 書籍的作者:《Privileged Attack Vectors》和《Asset Attack Vectors》。他於 2012 年加入 BeyondTrust,成為 eEye Digital Security 收購的一部分。他目前負責 BeyondTrust 的技術管理解決方案,專注於漏洞、特權和遠端存取管理。2004 年,他以安全工程總監的身份加入 eEye,負責與財富 500 強客戶的戰略業務討論和漏洞管理架構。在加入 eEye 之前,他是 Computer Associates, Inc. (CA) 的開發經理,負責新產品的測試周期和指定客戶帳戶。他的職業生涯始於政府承包商,擔任可靠性和可維護性工程師,負責建造飛行和訓練模擬器。他在紐約州立大學石溪分校獲得電機工程學士學位。
**Darran Rolls** 是 SailPoint 的首席資訊安全官 (CISO) 和首席技術官,負責指導公司的技術策略和安全運營。他在身份管理和安全領域擁有悠久的歷史,曾在 Tivoli Systems、IBM、Waveset Technologies 和 Sun Microsystems 等公司工作。他幫助設計、建造和交付創新且具有開創性的技術解決方案,這些解決方案定義並塑造了身份和存取管理 (IAM) 行業。他經常在行業活動和客戶面前發表有關 IAM 和下一代企業安全解決方案的演講。
