Privileges in the Real World: Securing Password Management

Presented at BSidesLV 2015, Aug. 4, 2015, 6:30 p.m. (25 minutes)

This presentation presents insights from a recently-conducted study on the exposure of networks to credential theft attacks and privileged accounts exploitation, and discusses the effectiveness of mitigations. This session will present some of the best practices needed to manage these privileged accounts, and highlights the need for automation in order to achieve effective privileged password management.

Presenters:

• Andrey Dulkin
  Andrey Dulkin has over 15 years of experience in information security research and development, both in technical and leadership positions. In his current position, Andrey heads the CyberArk Labs, where his research focuses on targeted attacks mitigation, critical infrastructure security, security architecture and various aspects of organizational information systems protection. Andrey is an active member of several cybersecurity forums and a frequent speaker at various security conferences (BSides, RSA, BlackHat, InfoSec, Cybertech and others), and his interests include Internet technologies, machine learning and programming for Android.

Links:

• https://bsideslv2015.sched.com/event/3ukI/privileges-in-the-real-world-securing-password-management
• https://infocon.org/cons/Security BSides/BSides Las Vegas/BSides Las Vegas 2015/Privileges in the Real World Securing Password Management Andrey Dulkin.mp4

Similar Presentations:

• BSidesLV 2019 / My quest for (privileged) identity to own your domain
• GrrCON 2015 / Targeted Attacks and the Privileged Pivot
• BSidesSF 2016 / Scan, Pwn, Next! – exploiting service accounts in Windows networks