Security Research

Looking for some insight from our customers that are using the new copilot ARM devices. Specifically around the use of smart card devices.Do these devices actually have physical smart card readers? 

November 2024 – We are excited to announce that BeyondTrust recently launched its online Trust Portal, building on the foundation of our Trust Center launched earlier this year.   What is a Trust Portal? A Trust Portal allows our customers to conduct their security review and assess our posture in a self-service fashion leading to simplification, automation, and consolidation. We encourage you to get the information you need to conduct your review and complete due diligence activities with just a few clicks.   Through our portal, we are dedicated to showcasing our unwavering commitment to security, privacy, and compliance and how we work to protect our customers and their da

HI, I would like to configure a webhook with Microsoft Teams to be able to receive a notification when a JIT approval is arriving in PM Cloud.Indeed, at this time, no notification for these events is not valuable. I try to re use the Identity Insight documentation about Teams Webhook but it doesn’t work and I don’t receive anything.Do you have info about the Content Type and authorization fields ?

We have followed this BT KB Article - KB0016985 : How to confirm AD connectivity - Prerequisites required by Password Safe for Active Directory connections on to solve the issues of AD Connectivity. 2024-11-08 16:06:26.354 +00:00 [Debug] ()  Starting BTTestADGroupResolutionTool 1.2.1.0 2024-11-08 16:07:42.855 +00:00 [Debug] ()  Starting BTTestADGroupResolutionTool 1.2.1.0 2024-11-08 16:08:31.147 +00:00 [Information] ()  Attempting connectionless LDAP query 2024-11-08 16:08:33.711 +00:00 [Information] ()  Successfully got a response? True 2024-11-08 16:08:33.712 +00:00 [Debug] ()  LDAP ping took 00:00:02.5639690 2024-11-08 16:08:33.712 +00:00 [Information] ()  About to do lookup for the entered user 2024-11-08 16:08:33.713 +00:00 [Debug] ()  GetPrincipalForDomain

Abuse of Active Directory Certificate Services has been on the rise since 2021, with a growing number of techniques to abuse misconfigured template or vulnerable services. These are fairly common in enterprise environments and can provide attackers with a path to easily authenticate as a domain administrator from any standard domain account.I can highly recommend the posts by Raul Carmona and colleagues on ADCS attack paths:https://www.beyondtrust.com/blog/entry/esc1-attacks https://www.beyondtrust.com/blog/entry/esc4-attacksWe also have a webinar on the topic which includes an explanation and a demo of how these attacks work: