How to Identify and Mitigate Risk of Privilege Escalation Attacks
Register now!Thank You!!
Cybercriminals target privileged access on Windows and Linux systems to move around, steal credentials, deploy malware, and cause disruption. Through privilege escalation techniques, attackers leverage their initial foothold on workstations and servers to obtain higher-level Domain Administrator, Local Administrator, and NT Authority/System access.
On Linux, condition-based privilege elevation is typically enabled via the sudo (Super User DO) command for user accounts, but this is a complex process which can be difficult to manage and makes Linux systems particularly vulnerable to privilege escalation attacks. Attackers attempt to abuse sudo misconfigurations to get root access and achieve their goals.
To protect workstations and servers from attack, security professionals must know the latest strategies to identify and mitigate unwanted privilege escalation.
Join Delinea Chief Security Scientist and Advisory CISO Joseph Carson as he leads a discussion and live demonstration of a privilege escalation attack. He’ll walk through several tools hackers use to automatically assess Windows and Linux systems for viable privilege escalation (MITRE ATT&CK TA0004) opportunities:
- winPEAS, a script that discovers all possible paths for privilege escalation on Windows hosts.
- Sherlock, which identifies missing patches that enable privilege escalation.
- linPEAS, is a script that searches for possible paths to escalate privileges on Linux/Unix*/MacOS hosts.
- And more...
Who should attend this webinar?
- Secret Server customers
- IT security
- PAM experts
- Delinea customers
- Director of Information Security
- People who are new to PAM
- IT operations: Systems Administrators, Helpdesk Teams, Infrastructure Management, Workstation Management, etc.
What will I learn?
- Privilege escalation techniques on Windows and Linux.
- Common techniques that hackers use for privilege escalation, like insecure service permissions, unquoted service paths, weak registry permissions, and sudo misconfigurations.
- Common attack paths for privileged accounts.
Get answers to these important questions:
- What are some of the ways to protect against privilege escalation?
- How can my company harden systems to prevent and prepare for cybersecurity events?
- What are the different stages of a privilege escalation attack?
What will I receive from attending?
- Recording of this webinar
- Privileged escalation whitepaper
- Free trial of Server PAM
MEET THE PRESENTERS
Joseph is Chief Security Scientist and Advisory CISO at Delinea, an active member of the cybersecurity community, and a frequent speaker at cybersecurity events globally. He has 25+ years’ experience in Enterprise Security & Infrastructure and is a Certified Information Systems Security Professional (CISSP). Joe is also an adviser to several governments and cybersecurity conferences. (ISC)² Information Security Leadership Award (ISLA:registered®) Americas Winner 2018.