This is a place to share what you are seeing in the industry.
Recently active
Hi community,I’m Andrew Rivera, a Product Manager at BeyondTrust, and I’d like to invite interested customers to participate in an upcoming beta for a new product we’re actively developing on the BeyondTrust Pathfinder platform: Workload Credentials.Workload Credentials is designed for modern cloud-native and DevOps environments, enabling workloads such as CI/CD pipelines, Kubernetes workloads, Terraform, and AI agents to authenticate using workload identity (OIDC) and receive short-lived, automatically expiring credentials — eliminating the need for static secrets and manual credential rotation.We’re looking for customers interested in evaluating the current functionality and helping shape the future direction of the product through real-world feedback and collaboration with our product and engineering teams.Current areas of focus include:OIDC federation Dynamic AWS credentials Kubernetes and CI/CD integrations Policy-based access controls This beta is best suited for DevOps, SRE, Clo
Hi Community,I need to make some configuration changes to Password Safe login capabilities. The client has a Cloud instance of Password Safe, and I want to avoid users being locked out of the application in case the configuration fails.Is there a way to back up the SAML IdP configurations so they can be restored if a rollback is needed? Thanks in advance.
Hi All, Can someone suggest how we can migrate privileged passwords from one source password manager and cloud-based password manager to BeyondTrust Password Safe?
Team, Please suggest if there’s a way in Active passive setup to pull the report of last RDP login date for the privilege users on specific managed system?
I understand I can see the last modified date on a secret in Secret Safe. If I modified anything on the secret notes, url, etc, it will show the last modified date for the secret. However, I need to see the date when the password was changed.Has anyone been able to figure this out?
Hello, I would like to know if anyone is using Azure VDI through BeyondTrust PRA.Since RDP is not available for AVD, we need to access it through Web Jump, and the performance is a nightmare.If anyone has similar experience or ideas, it would be great to share them.
We are facing a common challenge in password vaulting systems where the password age isn't directly tracked, and the password hash changes even when unrelated attributes are modified. This makes it difficult to determine when the password was last changed.Problem SummaryNo dedicated timestamp for password change. Password hash changes even when non-password attributes are modified. You need to detect passwords older than 2 years to raise a security finding. How to solve this in secret safe?
Cybersecurity is a rapidly evolving field and staying updated is essential.Books remain (at least for me) one of the best ways to build a sold foundation and stay ahead of threats.What are some of the best cybersecurity books you’ve read?
HI All,Can any one please help me on the below query’s.1.How do we update Jump Clients remotely, 2.if there is another version of jump client, Customer will have to re-install it manually?3.can you please clarify if we have limit of Jump clients to be assigned to our tenant. I think for non-PRA cloud there is a limit of concurrent sessions. Can you please clarify if we will hit any limits here. Thanks
The 2024 Comcast Business Cybersecurity Threat Report is out: https://business.comcast.com/enterprise/products-services/cybersecurity-servicesSome key trends highlighted include:Phishing remaining a critical initial access vector with large amount tied to credential access. Increase in credential dumping though Active Directory replication and OS credential dumping techniques. “Attackers are increasingly focused on stealing and manipulating authentication credentials to gain unauthorized access and escalate privileges within networks.” Increased exploitation of public facing apps More sophisticated lateral movement techniques including the exploitation of remote services like Lightweight Directory Access Protocol (LDAP), Remote Desktop Protocol (RDP)How does this line up with what you are seeing in the threat landscape?
Just In Time (JIT) and Just Enough Access (JEA) are hot topics right now. Gartner points out, by 2025, 75% of cyber insurance companies will require the use of the JIT principle when implementing Privileged Access Management (PAM).As organizations look to drive forward their PAM and Identity Security maturity many are focusing on JIT in 2025 to improve their security posture especially in cloud and SaaS areas.Is this an area you are actively working on? How are you thinking about reducing standing privileges and enabling JIT access?Resources:https://www.beyondtrust.com/blog/entry/just-in-time-access-what-it-is-why-you-need-ithttps://www.beyondtrust.com/resources/whitepapers/guide-to-just-in-time-privileged-access-management
MITRE and NVIDIA launch a new $20 million AI supercomputer to help U.S. government agencies tap into custom AI solutions to secure infrastructure. At the same time Gartner are seeing AI passing the “Peak of Inflated Expectations” and heading towards the “Trough of Disillusionment”.https://www.mitre.org/news-insights/fact-sheet/mitres-federal-ai-sandboxhttps://www.gartner.com/en/documents/5505695What are your thoughts around AI industry trends? Where is AI adding value for you today?How much are you planning with AI in mind?
Already have an account? Login
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.