Lieberman Software
  Follow us on Twitter  Follow us on LinkedIn  Blog  Lieberman Software on
                            YouTube  Google Plus
August 2013       

Top of Mind

Staying Ahead of Attackers (Part 2)

Philip Lieberman, President & CEO
Lieberman Software

Continued from last month...

R & D

Last month I described a little about our vision of technology handling large scale security management as well as how we saw our investment in R & D as our secret sauce that makes our products different from anything you could write yourself or buy from our competitors.

In this month’s column I would like to clarify a few terms you may have heard our competition throw around claiming parity with our solutions.


In our company, discovery refers to the ability of our products to automate the continuous discovery/deletion of machines, accounts, and where/how identities are used in your environment without the need for human interaction in the process.

In other words, we discover most every identity and how it is being used from day 1 and determine what is a privileged identity in the sea of all accounts by evaluating discovered usages.


Discovery is not only the ability to find all this information, but also the inherent ability within the product to change identities and where they are used without causing outages. The propagation of change is also built into the product as well as the ability to handle very complex and distributed usage cases without the need for humans to write specialize code. This includes corner cases such as DMZs, clustered services, and isolated domains – again without customization.

Snapshot vs. Real-Time Discovery

If you take a snapshot of identities and how they are being used, how long is that information valid? In most situations, the information should be considered suspect within minutes of its discovery. If your current solution requires that you take manually take usage snapshots and import them by hand, how well do you think that strategy will work against nation-state attacks? Answer: not very well.

Our strategy is to always rediscover and correlate usage regularly without human intervention and always automatically rediscover everything needed for a password change right before making a password change so that we are always using the most up-to-date information.

Heartbeat Monitor

The entire lifecycle of an identity from its initial discovery, initial password randomization, password check-out/check-in, timed re-randomization (called auto-roll in our product), and periodic verification of access with the latest credential is an automated process in our solution. All of these steps are built into the product, require no customization, and work as expected. This is not our heartbeat, but just the normal lifecycle of identity management for enterprises.

We also have a special technology known as the Heartbeat Monitor that checks for flaws in the protocol stacks of different operating systems that cause a connection or transaction to get stuck permanently. Our Heartbeat Monitor examines transactions and automatically kills threads that are not making progress for a very long time. This technology is designed to assure that large jobs managing enormous environments are not jammed up indefinitely due to a single sick machine that is not handshaking properly and where the built-in operating system will not release the connection.

Zone Processors

Our Zone Processor technology has been in development for over a decade and provides a host of technologies needed by large distributed environments that demand performance, fault tolerance, and also require that work be automatically distributed across the globe in an automated manner.

Our discovery and propagation technology makes a huge number of network calls to every machine to determine identity storage and usage. When operating in a physically distributed network with high latency, zone processors are configured to proxy work using a local machine on each network for fast results. For resiliency, zone processors operate in tandem to take up work as needed in the job queues.

For very large jobs, the order of completion is not deterministic and zone processors are designed to automatically break up work and cooperatively complete complex jobs with no need for human assistance in the completion plan.

Zone processors are a unique technology only available from us and get better in each version of our product as we tune their algorithms.

More to Come

There are more differentiators we will cover in future Top of Mind editorials. Suffice it to say, that although you may pay more for our solutions than our competitors, the result of your investment is the purchase of better technology that meets your business needs in hours not years.

What do you think? Email me at: You can also follow me on Twitter: @liebsoft or connect with me via LinkedIn.
What's New in Identity Week

Featured commentary on our
Identity Week blog this month includes:
  • Are Hackers Targeting Your Help Desk? A recent whitepaper from the SANS Institute and RSA Security reports that the corporate Help Desk is now a prime target for hackers. The report details social engineering exploits that succeeded in stealing passwords, employees’ personal information, and other private data from Help Desk staff... 

Events / Press / Analysts
  • Would you like an eat to bite? SC Magazine. At the time of writing I'm not sure if Edward Snowden is still sitting in a Moscow transfer lounge or settling in to his 'luxury apartment' in a barrio in Venezuela. Regardless of where he is, I've become relatively blasé when it comes to hearing about yet another security breach, or of stories that Big Brother is watching us. It's almost like a traffic policeman going to the press and saying that speeding fines are a money-making racket; as if the average person in the street is going to be surprised. 
  • Government intervention scares users from using the cloud. SC Magazine UK. A fear of government snooping is deterring IT departments from using the cloud. According to a survey of 300 IT managers, 48 per cent said that the potential for government and legal interference puts them off from entering information into the cloud environment.
  • PCI Growing Up? Dark Reading. The formalization of requirements that push organizations toward implementing risk management practices and security processes that persist beyond auditor visits are important for the credibility of the standard and the health of security practices at organizations subject to PCI scrutiny, says Philip Lieberman, CEO of Lieberman Software. 
  • PCI 3.0 Gets Positive Initial Reviews from Security Pros. IT Jungle. For many IT professionals, the letters "PCI DSS" conjure painful memories of invasive audits of internal systems that, in the end, generated hundreds of billable hours for compliance experts but did little to actually boost security. While the PCI 3.0 standard that was previewed last week won't eliminate deep scrutiny, it may actually boost security, experts say.
  • Privileged Identity Management in the Cloud. Cloud Computing Journal. Every cloud infrastructure can be home to potentially hundreds of thousands of vulnerable privileged accounts. The presence of automated hacking tools means improperly secured privileged logins are almost certain to give hackers free reign on the network and access to customers' private data, within minutes of an incursion.
  • NSA Takes First Steps to Heal Public Perception by Eliminating IT Jobs. Windows IT Pro. In the next chapter of the PRISM scandal, Reuters is reporting today that the NSA will be eliminating 90 percent of its system administrators. NSA confirmed what we have been saying for years: persistent and broad access to sensitive systems is inappropriate. This also points out the other issue of privileged access, namely the problem of using contractors and controlling their access.
  • North Korea ‘Uses Troll Army For Attacks On South’. TechWeek Europe. North Korea is using an army of 200 trolls and 3,000 cyber security experts to undermine and attack South Korean organisations. This is a perfect illustration of the ability of anyone with a connection to the Internet to use it for asymmetric warfare. As a nation state, North Korea is projecting its power and influence in all ways available to it. This is not dissimilar to all other countries with cyber-warfare capabilities worldwide.

Tech Tip of the Month

Need Native Language Support?

The web-based user interface of Enterprise Random Password Manager and Random Password Manager is localized in over twenty different languages. Is your language supported? Find out now.

Lieberman Software Corporation respects your right to privacy, and believes any information you provide us should be protected from disclosure to others. For more information, please read our privacy policy. You are receiving this email because you have granted us permission to contact you. If you do not wish to receive email messages from Lieberman Software in the future, please click here.

Lieberman Software Corporation
1900 Avenue of the Stars, Suite 425
Los Angeles, CA  90067
           |    (01) 310-550-8575  |