Identity attack vectors : implementing an effective identity and access management solution /: implementing an effective identity and access management solution. (©2020)
- Record Type:
- Book
- Title:
- Identity attack vectors : implementing an effective identity and access management solution /: implementing an effective identity and access management solution. (©2020)
- Main Title:
- Identity attack vectors : implementing an effective identity and access management solution
- Further Information:
- Note: Morey J. Haber, Darran Rolls.
- Other Names:
- Haber, Morey J
Rolls, Darran - Contents:
- Intro -- Table of Contents -- About the Authors -- About the Technical Reviewer -- Acknowledgments -- Foreword -- Introduction -- Chapter 1: The Three Pillars of Cybersecurity -- Chapter 2: A Nuance on Lateral Movement -- Chapter 3: The Five A's of Enterprise IAM -- Authentication -- Authorization -- Administration -- Audit -- Analytics -- Chapter 4: Understanding Enterprise Identity -- People and Persona -- Physical Persona -- Electronic Persona -- Accounts -- Credentials -- Realizations -- Users -- Applications -- Machines -- Ownership -- Automation -- Types of Accounts -- Local Accounts Centralized Accounts -- Functional Accounts -- Managed or Proxy Accounts -- Service Accounts -- Application Management Accounts -- Cloud Accounts -- Entitlements -- Simple Entitlement -- Complex Entitlement -- Controls and Governance -- Roles -- Business Roles -- IT Roles -- Role Relationships to Support Least Privilege -- Discovery, Engineering, and Lifecycle Controls -- Chapter 5: Bots -- Security Challenges -- Management Opportunities -- Governing Bots -- Chapter 6: Identity Governance Defined -- Who Has Access to What? -- Managing the Complexity of User Access -- The Scope of the Problem Managing the Full Lifecycle of Access -- Chapter 7: The Identity Governance Process -- Visibility, Connectivity, and Context -- Authoritative Sources of Identity -- Approach to Connectivity -- Direct-API Connectivity -- Shared-Repository Connectivity and Deferred Access -- Standards-Based ConnectivityIntro -- Table of Contents -- About the Authors -- About the Technical Reviewer -- Acknowledgments -- Foreword -- Introduction -- Chapter 1: The Three Pillars of Cybersecurity -- Chapter 2: A Nuance on Lateral Movement -- Chapter 3: The Five A's of Enterprise IAM -- Authentication -- Authorization -- Administration -- Audit -- Analytics -- Chapter 4: Understanding Enterprise Identity -- People and Persona -- Physical Persona -- Electronic Persona -- Accounts -- Credentials -- Realizations -- Users -- Applications -- Machines -- Ownership -- Automation -- Types of Accounts -- Local Accounts Centralized Accounts -- Functional Accounts -- Managed or Proxy Accounts -- Service Accounts -- Application Management Accounts -- Cloud Accounts -- Entitlements -- Simple Entitlement -- Complex Entitlement -- Controls and Governance -- Roles -- Business Roles -- IT Roles -- Role Relationships to Support Least Privilege -- Discovery, Engineering, and Lifecycle Controls -- Chapter 5: Bots -- Security Challenges -- Management Opportunities -- Governing Bots -- Chapter 6: Identity Governance Defined -- Who Has Access to What? -- Managing the Complexity of User Access -- The Scope of the Problem Managing the Full Lifecycle of Access -- Chapter 7: The Identity Governance Process -- Visibility, Connectivity, and Context -- Authoritative Sources of Identity -- Approach to Connectivity -- Direct-API Connectivity -- Shared-Repository Connectivity and Deferred Access -- Standards-Based Connectivity -- Custom-Application Connectivity -- Connector Reconciliation and Native Change Detection -- Correlation and Orphan Accounts -- Visibility for Unstructured Data -- Building an Entitlement Catalog -- The Power to Search and Report -- Full Lifecycle Management The LCM State Model and Lifecycle Events -- LCM States -- Joiner, Mover, and Leaver Events -- Lifecycle Triggers and Change Detection -- Delegation and Manual Events -- Taking a Model-Based Approach -- Enterprise Roles as a Governance Policy Model -- Embedded Controls -- Provisioning and Fulfillment -- Provisioning Gateways and Legacy Provisioning Processes -- Provisioning Broker, Retry, and Rollback -- Entitlement Granularity and Account-Level Provisioning -- Governance Policy Enforcement -- Business Rules for Access Compliance -- Separation of Duty (SoD) Policies -- Account Policies Entitlement Policies -- Preventive and Detective Policy Enforcement -- Violation Management -- Certification and Access Reviews -- Purpose and Process -- Certification Pitfalls -- Evolution and Future State -- Enterprise Role Management -- Why Roles? -- Role Model Basics -- Business Roles -- IT Roles -- Required or Mandatory Role Relationships -- Optional or Permitted Role Relationships -- Engineering, Discovery, and Analysis -- Role Lifecycle Management -- Enterprise Role Tips and Tricks -- The Future of Roles -- Governing Unstructured Data -- Changing Problem Scope … (more)
- Publisher Details:
- Berkeley, CA : Apress L.P
- Publication Date:
- 2020
- Copyright Date:
- 2020
- Extent:
- 1 online resource (205 pages)
- Subjects:
- 005.8
Computer security
Identity theft
Computer security
Identity theft
Electronic books - Languages:
- English
- ISBNs:
- 9781484251652
1484251652 - Related ISBNs:
- 9781484251645
1484251644 - Notes:
- Note: Print version record.
- Access Rights:
- Legal Deposit; Only available on premises controlled by the deposit library and to one user at any one time; The Legal Deposit Libraries (Non-Print Works) Regulations (UK).
- Access Usage:
- Restricted: Printing from this resource is governed by The Legal Deposit Libraries (Non-Print Works) Regulations (UK) and UK copyright law currently in force.
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD.DS.480000
- Ingest File:
- 03_030.xml