Hi all - we are starting to align more closely with Security around our EPM solution. Is there a hardening guide around EMPfW/M? CIS benchmarks often do this around various products (Windows, mac, ubuntu, Browers etc); is there a guide that exists around EPM? This would help us document our defined Technical Controls more easily than going through setting by setting and also ensure we are following security best practices around EMP.
Is this what you are looking for?
https://docs.beyondtrust.com/epm-wm/docs/windows-performance-report
Hi Jens! Long time no talk. This is not what we are after, what you have provided is for the endpoint application performance impact.
Things we are looking for are, do you allow your environment to be accessed publicly or is it restricted to managed devices within your environment, what admin controls are around who can can access what features of the solution (reporting, policy editing etc.)
Likewise.
The SCIM API can provide some of the information about Users, Roles and Permissions.
Use the Swagger below.
Authentication Provided Settings will limit who can sign in and from where.
Controlled by one of these supported providers, OKTA, MS, Ping Identity or Google.
MichaelD wrote:
Hi all - we are starting to align more closely with Security around our EPM solution. Is there a hardening guide around EMPfW/M? CIS benchmarks often do this around various products (Windows, mac, ubuntu, Browers etc); is there a guide that exists around EPM? This would help us document our defined Technical Controls more easily than going through setting by setting and also ensure we are following security best practices around EMP.
Hey MichaelD,
Just so I make sure I’ve correctly understood your ask here - are looking for BeyondTrust guidance on how to configure EPM securely, or how you might configure EPM in support of hardening an endpoint via EPM policy?
If it’s the former, are you looking at guidance related to configuration/hardening of the agent and related components, or are you looking for good practice or even prescriptive configuration for the policy side of EPM, or perhaps both?
Cheers,
Paul
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.