Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News

2008 West
DIAMOND SPONSOR:
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
GOLD SPONSORS:
Appsense
User Environment Management – The Third Layer of the Desktop
Cordys
Cloud Computing for Business Agility
EMC
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Intel
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Sensedia
Return on Assests: Bringing Visibility to your SOA Strategy
Symantec
Managing Hybrid Endpoint Environments
VMWare
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
PLATINUM SPONSORS:
Appcelerator
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
GOLD SPONSORS:
ICEsoft
How Can AJAX Improve Homeland Security?
Isomorphic
Beyond Widgets: What a RIA Platform Should Offer
Oracle
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
SYS-CON.TV
Top Links You Must Click On


Cyber-Ark Secures Primary Targets in Critical Infrastructure Attacks – Privileged Accounts

Cyber-Ark® Software today announced the release of its Privileged Identity Management Suite for Critical Infrastructure Protection (PIM/CIP) to secure, manage and monitor all privileged account access and activities across Operational Technology (OT). The solution secures critical infrastructure by preventing the exploitation of local or remote access to privileged accounts – the primary target of Industrial Control Systems (ICS) and SCADA cyber-attacks.

Privileged Accounts Emerge as Primary Target of Critical Infrastructure Attacks

  • Organizations that serve as national critical infrastructure have interconnected corporate IT systems with production and OT environments that were traditionally segregated. Connecting ICS, SCADA and other OT systems to corporate networks has introduced known risks from the IT environment into the OT environment – including the exposure of privileged access points.
  • Privileged access points consist of privileged and administrative accounts, default and hardcoded passwords, application backdoors, and more. These accounts act as a gateway to an organization’s most sensitive production systems, which control the production and delivery of electricity, water, gas and other critical services to the public.
  • The typical operational environment consists of thousands of servers, databases, SCADA RTUs and PLCs, network devices and applications – all controlled and managed by a variety of privileged and shared administrative accounts. Built-in vulnerabilities, including hardcoded and factory default passwords, are also known problems in OT and SCADA systems. The security, control and auditability of these privileged access points are often neglected, while usage is hard to monitor.
  • A recent alert1 from The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) highlighted that the combination of network connectivity with these known vulnerabilities would “significantly increase the ICS threat landscape.”
  • The report further stated that critical infrastructure companies should “not assume that their control systems are secure or that they are not operating with an Internet accessible configuration. Instead, asset owners should thoroughly audit their networks for Internet facing devices, weak authentication methods, and component vulnerabilities.”

PIM/CIP Secures Critical Infrastructure –Protects the Privileged Pathway

Cyber-Ark’s PIM/CIP identifies, secures, manages and tracks all privileged account access and activities across the operational environment, preventing potential cyber-attacks by controlling and monitoring all privileged activities. Cyber-Ark PIM/CIP enables critical infrastructure organizations to:

  • Minimize Insider Threats and External Cyber-Threats – Privileged credentials have emerged as the primary target for cyber-attackers – including internal and external attackers. PIM/CIP identifies all privileged accounts across critical infrastructure and secures the use of these shared accounts by identifying users with authorization, providing full accountability and account usage (audit trails).
  • Manage Privileged Identities – Organizations can manage privileged passwords and control access for the thousands of remote devices that connect to a network. PIM/CIP enforces policies and workflows around privileged password usage, strength and automatic replacement.
  • Secure and Monitor Remote Vendor/Contractor Access – Enables external contractors to have a secured and transparent connection into the network while isolating the critical network from the threats of malware -- all without divulging system passwords. PIM/CIP provides complete real-time monitoring and recording capabilities of all privileged sessions for forensic analysis and change management review. Organizations are able to terminate suspicious activity in real-time.
  • Achieve Compliance with NERC CIP Standards – Cyber-Ark PIM/CIP automates controls to meet NERC CIP regulatory requirements and continuous audit readiness. Organizations can create audit ready processes and policies for password strength, periodic password replacement and role-based access control.
  • Reduce Operational Costs – A flexible policy management engine discovers, provisions, automates and replaces hundreds of thousands of privileged credentials across the ICS network and the Smart Grid, eliminating resource-intense manual procedures. This minimizes energy fraud/theft in smart meters by restricting access and creating accountability.

“The built-in flaws of ICS and OT systems have left our critical infrastructure increasingly vulnerable to attacks. As we saw with Stuxnet, the Shamoon virus at Saudi Aramco, and similar high-profile attacks, privileged account vulnerabilities have emerged as the priority target for cyber-attackers,” said Roy Adar, vice president of product management, Cyber-Ark Software. “Cyber-Ark’s PIM/CIP identifies and protects these privileged access points, securing each organization from the inside out. In addition, the suite provides a comprehensive audit trail for ensuring compliance regulations laid out by NERC CIP, CFATS and NRC.”

For more information, visit the website or download the following whitepapers: Cyber-Ark for Critical Infrastructure Protection, Cyber-Ark for Secured Remote Access and Complying with NERC CIP Standards.

About Cyber-Ark

Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, sessions, applications and sensitive information to improve compliance, productivity and protect organizations against insider threats and advanced external threats. With its award-winning Privileged Identity Management, Privileged Session Management and Sensitive Information Management Suites, organizations can more effectively manage and govern data center access and activities, whether on-premise, off-premise or in the cloud, while demonstrating returns on security investments. Cyber-Ark works with more than 1,100 customers, including more than 35 percent of the Fortune 100. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, please visit www.cyber-ark.com.

Copyright © 2012 Cyber-Ark Software. All Rights Reserved. All other brand names, product names, or trademarks belong to their respective holders.

1 ICS-ALERT-12-046-01A—Increasing Threat to Industrial Control Systems, Oct. 25, 2012

About Business Wire
Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Enterprise Open Source Magazine Latest Stories . . .
The Log Shipper Poll results are in! We run Logsene here at Sematext, so we wanted to know what people like to use to ship their logs. Before we share the results, a few words about the poll: We published it here on our blog on September 22, 2014 We automatically tweeted it and p...
"Our premise is Docker is not enough. That's not a bad thing - we actually love Docker. At ActiveState all our products are based on open source technology and Docker is an up-and-coming piece of open source technology," explained Bart Copeland, President & CEO of ActiveState Software,...
Apache Spark is an open-source, large-scale data processing engine built on top of the Hadoop Distributed File System (HDFS) and enables applications in Hadoop clusters to run up to 100x faster in memory, and 10x faster even when running on disk.  So it’s not surprising the usage of Sp...

I once said on stage at Glue that the reason I loved node.js was, quite frankly, that it's a language and with a programming language you can do, well, anything.

But like most things just because you can, doesn't always mean you

OSCON – O'Reilly Open Source Convention – taking place July 20–24, 2015, in Portland, Oregon, is where all of the pieces come together: developers, innovators, businesspeople, and investors. In the early days, this trailblazing O'Reilly event was focused on changing mainstream business...
DevOps Summit 2015 New York, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The widespread success of cloud computing is driving the DevOps revolution in ...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021




SYS-CON Featured Whitepapers
ADS BY GOOGLE