Privilege is the Key to Protecting Against Zero Day Threats

We’ll examine the abuse of user, system and network privilege and how to create an infrastructure that cat prevent, frustrate and contain zero day threats in varying degrees. We examine look ZeroTrust principles of trust and verify, which is the gold standard for security – but the cost of verification of each transaction is high. We’ll look at how to balance this and add layers of verification to systems and applications that don’t have it in the first place. Finally we will look at the principles of Privileged Process Automation – which is an effective air gap for privileged based security.

speaker_info

About The Speaker

Andy Harris

Andy Harris, Inventor of the MIMESweeper series of products (MAILSweeper, WEBSweeper etc) has been intrigued by cybersecurity from a war dialing attack to modern day ransomware. As CTO of Osirium he understands how privilege on victim systems is the key goal of attackers, how they obtain privilege and how they use it for lateral movement, and in some cases to disable protection from anti-malware. Andy still codes, has an active github account and manages a home network of over 150 devices.

Position:

CTO at Osirium

Social:

In the current world of outsourcing, it can be hard to see who has privileged access to what on your systems. These days, the lowest paid people have the highest privileges – and they may not even work for your organisation. Osirium readdresses this balance for end-user organisations and uniquely allows MSSPs to manage tens of thousands of account credentials, outsource safely and keep their clients happy on the compliance front.

event_info