A localized space to talk about EPM, specifically for Unix & Linux.
Recently active
The following articles were published last week. New Knowledge Base Articles: KB0021713 - pbuninstall uses high amount of memory and CPU and is not behaving correctly on Ubuntu18 KB0021714 - User assigned to a Role Based Policy in EPM-L is unable to use the policy KB0021725 - 6101.53 Error accessing Message Router statistics error in msgrouter and pb.eventlog is not logging in eventlog
Hello! Last month our Chief Customer Officer, Sean Cashin, provided some information on our upcoming dedicated user community. I’m excited to announce that BeyondTrust launched our new BeeKeepers community on Monday, September 16th! Why BeeKeepers?The name BeeKeepers was born from the idea to protect and secure privileged identities, along with the paths those identities follow in order to gain privilege, aka Paths to Privilege. What does the BeeKeepers name mean to us?Imagine a company’s data and secrets as the honey in a beehive. BeeKeepers take care of the hive, protecting the honey and honeybees, from predators the live to steal the honey, damaging and destroying the hive. Now imagine you, BeyondTrust customers, IT Admins, SOC professionals, and CISOs are the BeeKeepers! And honeybees are identities – human and non-human – continuously travelling along their flight paths, the Paths to Privilege, collecting pollen and making more honey. BeeKeepers protect the honeybees’ path and con
The following articles were published last week. New Knowledge Base Articles: KB0021676 - Error: pbguid Exiting failed to read settings file /etc/pb.settings - general SQL error "
How to open a case for Endpoint Privilege Management for Linux (cloud)? The support Console includes only Mac & Windows option and there is no Linux option.
One of the things that becomes a big issue for customers, especially when we move to automated build processes, is “how do you allow a user to add/remove users or groups, but NOT allow them to add ‘root-capable’ accounts, or elevate their own access?” As has been well discussed in other forums such as OWASP: https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html - input validation is very difficult to do properly, especially if all you’re doing is checking “are these options included in the input?” A lot of customers will simply try to grep the options for dangerous flags or mis-uses, but as documented above, this is not safe - a re-implementation of the commandline parsing is typically required for security.For a customer this month, we built a “pbuseradd” function that re-implements the “useradd” commandline validation, but adds protections such as “you cannot create a new backdoor root user”. One of the features we use to validate these backdoors is the F
Hello All,Leaning into the cliché, it’s hard to believe the year is half over already. As I'm sure is true for many of you, this has been a year of hard work and big changes at BeyondTrust. At the beginning of the year, I stepped into the role of Chief Customer Officer and welcomed both Mike Machado and Brett Thiess to the team as CISO and CMO, respectively. We also welcomed Ron Nissim and his team into the BeyondTrust family with the acquisition of Entitle, expanding BeyondTrust’s stance as an Identity Security leader! As the CCO, my passion and focus are on ensuring that our customers not only adopt but get real value from our products – securing their Identity landscape, minimizing the risk of threat actors, and limiting the blast radius of any incidents. Your thoughts and experiences are a key piece of guidance for us; from your NPS responses and feedback on your interactions with teams like support and services, to your engagement on changes we’ve made to products, we value the fe
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
