Author Archives: Mark Austin

Posted in Least Privilege

Mitigating Advanced Malware Attacks with Least Privilege

Targeted malware attacks and Advanced Persistent Threats (APTs) are making malware detection and removal much more challenging. It is common knowledge that good security requires a defense-in-depth strategy, as no single solution can provide adequate protection from malware. Traditional approaches …

Posted in Application Control, Least Privilege, Privilege Guard, Software Installation

Self-Provisioned Software Installation with Privilege Guard

In addition to elevating the rights of privileged applications and administrative tasks, Privilege Guard can empower users to install approved software. Although most organizations will have some form of centralized software distribution in place, packaging every application for distribution is …

Posted in Event Forwarding, Privilege Guard, WinRM

Privilege Guard 3.0 Reporting Pack Preview

Last week I gave you a sneak preview of Privilege Guard 3.0, which will be released at the start of the New Year. We will also be releasing two new add-on modules for Privilege Guard, and today I want …

Posted in Privilege Guard

Privilege Guard 3.0 Sneak Peek

As we approach the end of 2011, the Avecto product development team have been busy putting the finishing touches to Privilege Guard 3.0, along with two brand new modules for Privilege Guard – the Privilege Guard Reporting Pack and the …

Posted in ePO, Least Privilege, McAfee, Privilege Guard

Protecting Against Kernel-mode Rootkits with Avecto and McAfee

Kernel-mode rootkits install themselves deep inside the operating system. They often use cloaking techniques to hide themselves and other malware to prevent detection or removal. The introduction of kernel patch protection in 64-bit Windows made it more difficult for kernel-mode rootkits …

Posted in Least Privilege, Privilege Guard

Privilege Guard 2.8 Anti-tamper Protection

Privilege Guard 2.8 is the first privilege management solution to introduce an intelligent anti-tamper mechanism that can protect the Privilege Guard software and configuration settings against modification from elevated processes, while still allowing the solution to be administered by true …

Posted in Active Directory, Group Policy, Privilege Guard

Deploying Privilege Guard with NetIQ GPA

Avecto Privilege Guard is implemented as a Group Policy Extension, which allows it to integrate seamlessly with solutions that enable advanced management of Group Policy. This includes Microsoft’s Advanced Group Policy Management (AGPM), which is part of the Microsoft Desktop …

Posted in Least Privilege, Privilege Guard

Privilege Guard Master Class

I often get asked about best practices when configuring Privilege Guard, so I thought I’d take the time to demonstrate some of the flexible ways the product can be used to implement least privilege. Privilege Guard enables you to cater …

Posted in Group Policy, WMI

Active Directory Group Policy and WMI Filters

The scope of a Group Policy Object (GPO) can be controlled with WMI filters, based on criteria such as operating system version or hardware specifications. A WMI filter consists of one or more queries, and if all queries evaluate to …