Identity attack vectors : implementing an effective identity and access management solution /

Discover how poor identity and privilege management can be leveraged to compromise accounts and credentials within an organization. Learn how role-based identity assignments, entitlements, and auditing strategies can be implemented to mitigate the threats leveraging accounts and identities and how t...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Haber, Morey J.
Otros Autores: Rolls, Darran
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Berkeley, CA : Apress L.P., ©2020.
Temas:
Computer security.
Identity theft.
Computer Security
Sécurité informatique.
Vol d'identité.
Computer security
Identity theft
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)
Tabla de Contenidos:
  • Intro
  • Table of Contents
  • About the Authors
  • About the Technical Reviewer
  • Acknowledgments
  • Foreword
  • Introduction
  • Chapter 1: The Three Pillars of Cybersecurity
  • Chapter 2: A Nuance on Lateral Movement
  • Chapter 3: The Five A's of Enterprise IAM
  • Authentication
  • Authorization
  • Administration
  • Audit
  • Analytics
  • Chapter 4: Understanding Enterprise Identity
  • People and Persona
  • Physical Persona
  • Electronic Persona
  • Accounts
  • Credentials
  • Realizations
  • Users
  • Applications
  • Machines
  • Ownership
  • Automation
  • Types of Accounts
  • Local Accounts
  • Centralized Accounts
  • Functional Accounts
  • Managed or Proxy Accounts
  • Service Accounts
  • Application Management Accounts
  • Cloud Accounts
  • Entitlements
  • Simple Entitlement
  • Complex Entitlement
  • Controls and Governance
  • Roles
  • Business Roles
  • IT Roles
  • Role Relationships to Support Least Privilege
  • Discovery, Engineering, and Lifecycle Controls
  • Chapter 5: Bots
  • Security Challenges
  • Management Opportunities
  • Governing Bots
  • Chapter 6: Identity Governance Defined
  • Who Has Access to What?
  • Managing the Complexity of User Access
  • The Scope of the Problem
  • Managing the Full Lifecycle of Access
  • Chapter 7: The Identity Governance Process
  • Visibility, Connectivity, and Context
  • Authoritative Sources of Identity
  • Approach to Connectivity
  • Direct-API Connectivity
  • Shared-Repository Connectivity and Deferred Access
  • Standards-Based Connectivity
  • Custom-Application Connectivity
  • Connector Reconciliation and Native Change Detection
  • Correlation and Orphan Accounts
  • Visibility for Unstructured Data
  • Building an Entitlement Catalog
  • The Power to Search and Report
  • Full Lifecycle Management
  • The LCM State Model and Lifecycle Events
  • LCM States
  • Joiner, Mover, and Leaver Events
  • Lifecycle Triggers and Change Detection
  • Delegation and Manual Events
  • Taking a Model-Based Approach
  • Enterprise Roles as a Governance Policy Model
  • Embedded Controls
  • Provisioning and Fulfillment
  • Provisioning Gateways and Legacy Provisioning Processes
  • Provisioning Broker, Retry, and Rollback
  • Entitlement Granularity and Account-Level Provisioning
  • Governance Policy Enforcement
  • Business Rules for Access Compliance
  • Separation of Duty (SoD) Policies
  • Account Policies
  • Entitlement Policies
  • Preventive and Detective Policy Enforcement
  • Violation Management
  • Certification and Access Reviews
  • Purpose and Process
  • Certification Pitfalls
  • Evolution and Future State
  • Enterprise Role Management
  • Why Roles?
  • Role Model Basics
  • Business Roles
  • IT Roles
  • Required or Mandatory Role Relationships
  • Optional or Permitted Role Relationships
  • Engineering, Discovery, and Analysis
  • Role Lifecycle Management
  • Enterprise Role Tips and Tricks
  • The Future of Roles
  • Governing Unstructured Data
  • Changing Problem Scope

Ejemplares similares