Menu
Contact Us
Get a Demo
Blog-hero

Remediant Blog

Stay up to date with thought-leading expertise

by JD Sherry, on Jan 25, 2021

Most information security professionals are fundamentally aware of the Principle of Least Privilege (PoLP): When you’re assigning access, give users what they need, only as long as they need it. Don’t give more. Just give them Just-in-Time access (JITA). It’s an easy case to make: Implement the Principle of Least …

Read Story
Topics:SecureONEZero Standing Privilege

by JD Sherry, on Dec 18, 2020

Ransomware keeps us up at night. It’s the worst-case scenario that hits companies where it hurts—their data. Ransomware locks us out of our data as the attackers threaten to destroy it, or worse, publish it if they don’t get paid their ransom for the decryption key. In 2021, we envision …

Read Story
Topics:Cyber ThreatsZero Standing PrivilegeRansomware

by Tim Keeler, on Dec 15, 2020

I wanted to share my thoughts on the SolarWinds attack that has been used to target government agencies as well as other private/public companies. FireEye has an excellent write-up ( Highly Evasive Attacker Leverages SolarWinds Supply Chain to CompromiseMultiple Global Victims With SUNBURST Backdoor ) and I encourage everyone to …

Read Story
Topics:SecureONECyber ThreatsZero Standing Privilege

by JD Sherry, on Dec 03, 2020

The concept behind Zero Trust is simple. When you’re designing security, as Forrester alum and concept founder John Kindervag says, “never trust, always verify.” In practice, that means giving users just what they need, when they need it, and nothing more. That sounds great. So, why hasn’t everyone committed to …

Read Story
Topics:Zero Standing PrivilegePrivileged Access Management (PAM)

by Mahesh Babu, on Nov 17, 2020

The Marriott breach this year involved the theft of employee credentials. Specifically, attackers obtained the login credentials for two franchise property employees which gave them access to a third party guest application used to deliver guest services. From there, attackers were able to harvest guest information needed to execute spear-phishing campaigns: …

Read Story
Topics:Cyber Threats

by Mahesh Babu, on Sep 09, 2020

Just-in-time administration (JIT) is a now prevalent capability in PAM solutions. Once an emerging, niche feature set, this has now propelled into a table-stakes capability for PAM vendors offered as a bolt-on with their Enterprise Vault and PEDM offerings promising to (1) reduce the surface of unnecessary persistent access given …

Read Story
Topics:Privileged Access Management (PAM)

by Stephen Burgio, on Jul 21, 2020

Today, it’s rare that an attack on public figures is carried out before company defenders are able to mount a response. Typically, an announcement is made that X company experienced an incident, Y-number of identities were compromised, clean-up efforts are completed, and consult Z if you’d like to be part …

Read Story
Topics:Cyber Threats

by Tim Keeler, on Jun 23, 2020

The recent cyber campaign targeting Australian government networks should not come as a surprise to cyber security experts. The heavy use of spear-phishing for intrusion, credential harvesting for privilege escalation and lateral movement is in every adversary’s playbook. What is important to note is one’s exposure to this type of …

Read Story
Topics:Cyber Threats

Looking for more ways to stay up to date?

Follow us on social

Subscribe to Updates