Name: Insider Abuse & Cyber Attacks: Taking a Proactive Approach to Managing GCP Users
Start: 2021-11-30T19:00:00Z
End: 2021-11-30T19:00:45.000Z
Location: BrightTALK
Rating: 5

Britive (www.britive.com) is a cloud-native security solution built for the most demanding cloud-forward enterprises. The Britive platform empowers teams across cloud infrastructure, DevOps, and security functions with dynamic and intelligent privileged access administration solutions for multi-cloud environments. The Britive platform helps organizations implement cloud security best practices like just-in-time (JIT) access and zero standing privileges (ZSP) to prevent security breaches
and operational disruptions, while increasing efficiency and user productivity.

Secrets governance is a cornerstone of cloud security – but to capitalize on cloud’s many benefits, businesses need more than what traditional secrets vaults can offer.

To protect secrets, cloud access management platforms must deliver:
– Just-In-Time (JIT) privileges
– Cross-cloud visibility
– Role right-sizing analytics
– AND secrets management – all from a centralized location that’s easy to manage.

How can we get there?

Join Britive and Eden Data for this interactive conversation to find out what cloud-native secrets governance can do for you.

Elevating Secrets Governance in the Cloud

Organizations using multi-cloud environments recognize the need for Just-In-Time, Least Privilege, and Zero Standing Privileges. But achieving such a posture through an in-house solution is time-consuming, complex, and nearly impossible to enforce.  

Without a unified access model to manage hundreds of human and non-human identities cross-cloud, leaders have few options. As a result, users are granted elevated privileges they don’t need, which increases risk and expands your attack surface. 

Join Britive and Focal Point for this informative 1 hour webcast and see for yourself how Britive’s out of the box platform automatically grants and revokes privileges on the fly, thereby enforcing zero standing privileges and securing your multi-cloud environment.  

What you'll get: 

• A deep-dive into the challenges organizations face managing privileged access in multi-cloud environments  
• Cautionary case studies from customers that attempted to build JIT, LPA, and ZSP in-house 
• How to elevate standing privilege discovery capabilities in the cloud 
• How to enforce JIT leveraging native APIs 
• How built-in analytics and reporting cross-cloud delivers unsurpassed visibility 
• How to effectively build ZSP into your CI/CD process 
• A live demo that shows how Britive’s platform resolves core security and user management challenges

Securing Multi-Cloud Environments: DIY Privilege Access Management Doesn't Work

Targeting immature cloud identity governance systems and lax security in DevOps processes, cybercriminals are focusing malicious attacks on privileged access and secrets management infrastructure as never before. Gartner now sees security failures involving privileged identities rising to 75 percent in 2023, up from 50 percent in 2020. Not a surprise, given the new, complex world of multiple cloud platforms and apps. Today, Zero Trust Access has become a must for any enterprise that’s serious about protecting its customers, employees, IT resources, and data.  

Join Dr. Chase Cunningham, Chief Strategy Officer (CSO) at Ericom Software, and John Morton, Director of Solutions Engineering at Britive Security for this webcast to learn how you can extend Zero Trust to your cloud identity lifecycle. You’ll get insight into:  

•How to empower cloud infrastructure, DevOps, IT, and security teams with dynamic and intelligent privileged access administration.  

•How ephemeral just-in-time permissions and zero-standing privilege strategies combine to enable you to maintain a state of Zero Standing Privileges (ZSP)

•How enforcing least privilege access can eliminate over-privileged accounts, minimize your attack surface and easily right-size privileges.

Extending Zero Trust to Your Cloud Identity Lifecycle

Targeting immature cloud identity governance systems and lax security in DevOps processes, cybercriminals are focusing malicious attacks on privileged access and secrets management infrastructure as never before. Gartner now sees security failures involving privileged identities rising to 75 percent in 2023, up from 50 percent in 2020. Not a surprise, given the new, complex world of multiple cloud platforms and apps. Today, Zero Trust Access has become a must for any enterprise that’s serious about protecting its customers, employees, IT resources, and data.  

Join Dr. Chase Cunningham, Chief Strategy Officer (CSO) at Ericom Software, and John Morton, Director of Solutions Engineering at Britive for this webcast to learn how you can extend Zero Trust to your cloud identity lifecycle. You’ll get insight into:  

•How to empower cloud infrastructure, DevOps, IT, and security teams with dynamic and intelligent privileged access administration.  

•How ephemeral just-in-time permissions and zero-standing privilege strategies combine to drive effective secrets governance. 

•How enforcing least privilege access can eliminate over-privileged accounts, minimize your attack surface and easily right-size privileges.

Maintaining a Zero Standing Privilege (ZSP) Posture In Multi-Cloud Environments

One of the most frequent questions prospective Britive customers ask is, “How can adding privileged access management (PAM) functionality into our DevOps automation processes and strategy enhance our security in the cloud, without disrupting product delivery or requiring extensive management overhead?”  This short product demo video answers this question in detail.  

Specifically, prospective Britive customers are interested in their CI/CD pipeline and deployment of resources via Terraform to AWS. They want to be able to easily add secure, least privilege human user account access via role-assumption between Britive and newly created AWS resources – preferably in an automated fashion. 

This is a legitimate concern, given that DevOps teams are typically laser focused on applying their limited resources to product development, not security. And if they have any experience with traditional PAM solutions on-prem, they know how they can be complicated to manage – and are rightfully apprehensive.   

Fortunately, the Britive Dynamic Permissioning Platform is an automated cloud-built solution, that is able to minimize the DevOps attack surface with minimal additional cost and management overhead.

Securing Cloud Identities While Automating DevOps Processes

This 4:02 product demo video discusses how Britive can be used to maintain Zero Standing Privileges (ZSP) in ServiceNow, specifically, through Just-in-time (JIT) privileges. A standard ServiceNow user will check out a Britive "profile" that will give them elevated permissions to conduct privileged activities in ServiceNow, which then expire after a predetermined length of time.

Maintaining Zero Standing Privileges in ServiceNow

Learn why migrating your network and security infrastucture to the cloud is insufficient to address the security challenges the cloud poses to your CI/CD processes

Securing the DevOps & SecOps Journey to the Cloud

Google Cloud (GCP) is a powerful suite of public cloud computing services that enables your IT professionals and developers to work more flexibly and efficiently. But it is also vulnerable to insider abuse and cyberattacks – especially when it comes to users with privileged access. 

Standing privileges for admins and app developers that remain vulnerable to exploitation 24/7 massively increases the blast radius of your human and machine users. Limited visibility into who has which privileges and how they are used hamstrings security and auditing. And unused and overly-broad privileges can be targeted and exploited, putting the most important keys to your organization’s kingdom in danger. Existing security solutions to solve these GCP challenges don't exist. 

Join Rob Forbes, Director of Identity Services at Stratascale and John Morton, Director of Solutions Engineering at Britive, for an informative one-hour webcast to learn how your organization can securely take advantage of everything GCP has to offer without sacrificing development speed or impeding your CI/CD processes. 

Today’s most successful organizations know the future of business is in the cloud.

Insider Abuse & Cyber Attacks: Taking a Proactive Approach to Managing GCP Users

Google Cloud Platform

Just in Time Privileges

Least Privilege

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful emerging technology insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on technologies like 3D printing, pervasive robotics, natural interfaces, connected everything and cognitive systems.

Emerging Technologies

The research and development community on BrightTALK brings together leading professionals in healthcare, technology and manufacturing to present on current topics in their fields. From big data in healthcare to online forensics training and medical research practices, the community is an exceptional resource for those looking to expand their knowledge. Be part of the conversation by joining the community and participating in interactive live webinars.

Insider Abuse & Cyber Attacks: Taking a Proactive Approach to Managing GCP Users

Presented by

About this talk

More from this channel