Privileged Accounts Are Your SIEM Blind Spot

PRESS RELEASE

Lieberman Software Adds Key Missing Privileged Identity Management Data to Leading SIEM Products

New Solution Allows Users to Integrate Critical Security Event Information in Minutes

(Los Angeles, CA – February 15, 2011) Security information and event management (SIEM) solutions have become a must-have in IT environments because the technology helps make sense of the vast quantities of data provided by security software and appliances across the network. But for all the advantages of SIEM, until now the solutions had one troubling blind spot. While SIEM can correlate volumes of security data to create a picture of singular events, by itself it lacks the ability to tie those events to the most powerful users and processes within IT. 

Lieberman Software Corporation today announced that the latest version of Enterprise Random Password Manager™ (ERPM), the company’s flagship privileged identity management (PIM) solution, provides deep, out-of-the-box integration with ArcSight ESM™, RSA enVision™, and the Q1 Labs QRadar™ Security Intelligence Platform. Available at no additional cost to supported customers, ERPM now includes an intuitive setup Wizard that customers can use to configure integration with these SIEM systems in only minutes.

Once customers enable the integration features in ERPM, the PIM and SIEM technologies work in concert to ensure that only authorized personnel can access an organization’s most sensitive data, change configuration settings, and run programs on the network.

“Our collaboration with leading SIEM providers has eliminated a single, critical blind spot that was present in these solutions,” said Philip Lieberman, president of Lieberman Software. “These technical integrations allow IT staff to correlate the most powerful and potentially disruptive human and automated actions with the individuals responsible. Prior to this integration, the lack of individual accountability was a key missing element in SIEM.”

About the PIM and SIEM Integration

In most large organizations, IT staff and the software that links computers, databases and applications all maintain access through privileged account credentials. Widely shared and seldom changed, these “super user” accounts grant access to read and alter sensitive data, change configuration settings and run programs everywhere on the network.

Because SIEM systems were not designed with privileged identities in mind, they have no way to tie security events that are triggered through use of these accounts with the individuals and processes responsible.  This lack of visibility can leave IT staff with too little information to make informed decisions and the inability to differentiate between routine security events and potentially damaging – or even criminal – activity.

The integrations between ERPM and SIEM technology close this visibility gap by showing IT staff not only when and where critical events occurred, but also precisely who was responsible for any action that required the use of highly “super user” accounts. ERPM and leading SIEM solutions also work together to generate an audit trail to correlate the actions taken by privileged users with the security events that might result.  By removing anonymity, the products introduce accountability for all users who access the organization’s most critical IT resources – revealing who had access to what systems and data, when and for what purpose.

The ERPM integrations with SIEM solutions are available immediately at no cost to supported customers. The company anticipates announcing additional integrations with SIEM systems in the near future.

Lieberman Software is exhibiting the latest version of ERPM in booth 529 at RSA Conference in San Francisco, CA this week.

About Lieberman Software Corporation

Lieberman Software provides privileged identity management and security management solutions that protect the multi-platform enterprise. By automating time-intensive IT administration tasks, Lieberman Software increases control over the computing infrastructure, reduces security vulnerabilities, improves productivity and helps ensure regulatory compliance. As Pioneers of Privileged Identity Management Lieberman Software not only developed the first software solution to address this need, its products continue to lead the market in features and functionality. The company is headquartered in Los Angeles, CA with an office in Austin, TX. For more information, see www.liebsoft.com.

###

Product and company names herein may be trademarks of their registered owners.

For more information, please contact:
Kevin Franks
Marketing Communications Manager
Lieberman Software Corporation
310.300.3562
 
www.liebsoft.com
 www.identityweek.com  
www.twitter.com/liebsoft  
kfranks@liebsoft.com 

 



Live chat by SightMax