Delinea updates Cloud Suite to limit lateral attacks
Delinea, a provider of solutions that extend Privileged Access Management (PAM), has announced the latest version of Cloud Suite, part of its Server PAM solution, which provides privileged access to and authorisation for servers.
Updates include more granular support for just-in-time (JIT) and just-enough privilege access automation, and improved identity assurance through enforced human interaction when prompted for multi-factor authentication (MFA) at server log-in or privilege elevation.
A 30-day study conducted by VMware revealed that almost 45% of intrusions also included a lateral movement event. The most common MITRE ATT&CK techniques associated with lateral movement were Samba/Windows Admin Shares, Pass the Hash, SSH and RDP.
According to the company, the best defences against these techniques include limiting the standing privilege for enterprise identities and presenting users with additional challenges that validate their identity when accessing and granting elevated privileges on servers containing critical business data.
Implementing just-in-time and just-enough privileges can prevent bad actors from executing damaging commands using the above mentioned techniques, Delinea states.
Authentication and authorisation work together to limit lateral movement
Recent updates to Cloud Suite's privilege elevation controls allow administrators to request specific commands or sets of commands from within the interface when accessing local or cloud-hosted servers, Delinea states.
Policies can be set up to automate just-in-time and just-enough privilege scenarios, reducing the risk related to standing privileges and aligning with zero trust best practices.
Additionally, enhancements to the MFA enforcement functionality in Cloud Suite now involve additional requirements for human interaction to authenticate and cannot be bypassed through automation.
Phil Calvin, Chief Product Officer at Delinea, says, "The ability to limit standing privileges at the host level and enforce authentication at server login and at privilege elevation is unique to Delinea."
Calvin says, "We continue to refine and focus our solutions with the most current and modern privileged access best practices, helping our customers reduce the risk and impact of cyber attacks."
Additional updates in this release include support for FastSQL, further improving the performance, security and scalability of Cloud Suite.
The Delinea Platform extends PAM by providing authorisation for all identities, granting access to an organisations most critical hybrid cloud infrastructure and sensitive data to help reduce risk, ensure compliance and simplify security.
Delinea states the company aims to remove complexity and defines the boundaries of access for thousands of customers. The company's customers range from small businesses to the world's largest financial institutions, intelligence agencies and critical infrastructure companies.