Identity Attack Vectors
- Author: Darran Rolls, Morey J. Haber
- ISBN: 1484251644
- Year: 2019
- Pages: 196
- Language: English
- File size: 5.2 MB
- File format: PDF, ePub
- Category: Security
Discover how bad innocence and identity management can be leveraged to compromise accounts and credentials within an organization. Learn how role-based identity duties, entitlements, and auditing strategies can be implemented to mitigate the dangers of leveraging identities and accounts and how to manage compliance for regulatory initiatives.
As an option, Identity Access Management (IAM) has emerged as the basis of enterprise security. Managing reports, credentials, functions, certificate, and attestation reporting for many resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities grow exponentially. As cyber-attacks continue to rise in volume and sophistication, it’s not a matter of if, but when, your organization is going to have an incident. Threat actors target users, accounts, and their related identities, to run their malicious actions through privileged strikes and asset vulnerabilities.
Identity Attack Vectors details the dangers associated with poor identification management practices, the techniques which hazard actors and insiders leverage, along with the operational best practices that organizations should adopt to safeguard against identity theft and account compromises and to create an effective identity governance program.
What You Will Learn
- Know the concepts behind identity and their associated credentials and reports can be leveraged as an attack vector.
- Implement an effective Identity Access Management (IAM) application to manage identities and roles, and a Supply certificate for regulatory compliance.
- See where identity management controls perform a part of the cyber kill chain and the way that rights should be handled as a possible weak link.
- Build upon industry standards to incorporate key identity management technology into a corporate ecosystem.
- Plan for a successful setup, implementation extent, quantifiable threat reduction, auditing and discovery, regulatory reporting, and oversight based on real-life strategies to prevent identity assault vectors.
Management and implementers in IT operations, security, and auditing looking to understand and execute identity access management software and also handle statements in these environments.