Analytics
11/7/2012
02:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Avecto Launches Privilege Guard 3.6 With Windows 8 Compatibility And App Store Control

Software includes privileged application control based on download source

MANCHESTER, UNITED KINGDOM and BOSTON, MA: October 23, 2012- Avecto, the leader in Windows privilege management, today announced the release of Privilege Guard 3.6, the newest version of its award-winning solution. Version 3.6 introduces a number of powerful new features, including a challenge/response capability to easily authorize applications for remote users and the industry's first-ever application control capability based on download source. Available today, Privilege Guard 3.6 is compatible with the upcoming Windows 8 operating system and provides enterprise control over apps downloaded from the Windows Store.

Key New Features:

· Challenge/Response Authorization For Secure User Flexibility - Provides remote application authorization via secure, 8-digit challenge/response codes that enable one-off, session-based or permanent elevation of individual applications.

· Enterprise Control of Windows 8 Store Apps – Whitelisting, blacklisting and full auditing of apps that are installed or downloaded from the Windows Store, ensures corporate-approved, controlled user access to apps on Windows 8 desktops, laptops and tablets.

· Elevation of Apps Based on Download Source - Provides tracking and control of software and applications, based on their download source, enabling intelligent whitelisting, blacklisting and elevation of applications.

· New Enterprise Reporting - Offers the broadest range of dashboards and reports on applications, processes, users, endpoints and policies with detailed summaries and the ability to drilldown to granular specifics. Delivers reports in a refreshed, easy-to-read and intuitive style.

· Privilege Guard Activity Viewer for Advanced Insight - New advanced diagnostics and troubleshooting tool built on Windows Management Information (WMI) provides detailed analysis of executed applications and applied policies for any managed endpoint.

· Privileged Account Management to Prevent Rogue Accounts - Provides sophisticated protection against tampering and the creation of rogue privileged accounts via a new policy setting.

· Full Templates and Event Import Wizard for Simplified Policy Creation - Streamlines policy creation for standalone evaluations through to advanced policies for enterprise rollouts via a wide variety of templates. Plus, the all-new Event Import Wizard - integrated directly into the management console - provides a unified workflow that allows audit events to be directly used in the creation and refinement of policies.

"Enterprises are faced with unparalleled challenges and opportunities, if you consider how new operating systems, in particular Windows 8, can transform an enterprise's environment and user-driven movements, such as Bring-Your-Own-Device (BYOD)," said Mark Austin, co-founder and CTO of Avecto. "This rapid speed of change, coupled with a convergence of technologies, puts tremendous pressure on the enterprise to empower users with the flexibility they need to perform their jobs, without compromising network security. At Avecto, it's our mission to help the enterprise navigate through these market dynamics and ultimately strike the elusive balance between productivity and security. Privilege Guard 3.6 does this by taking privilege management to new heights, enabling far greater visibility and control over corporate desktops and tablets."

Resources

Visit Avecto's booth #108 at the McAfee Focus 12 Security Conference, from Oct. 22 – 24, for demos of Privilege Guard 3.6. as well as the McAfee ePO Edition of Privilege Guard.

Learn more about Avecto by visiting its website.

Connect with Avecto on its blog and on LinkedIn and Twitter

About Avecto

Avecto is the leader in Windows privilege management, helping organizations to deploy secure and compliant desktops and servers. With its award winning Privilege Guard technology, organizations can now empower all Windows based desktop and server users with the privileges they require to perform their roles, without compromising the integrity and security of their systems.

Customers of all sizes rely on Avecto to reduce operating expenses and strengthen security across their Windows based environments. Our mission is to enable our customers to lower operating costs and improve system security by implementing least privilege. Avecto is building a worldwide channel of partners and system integrators and is headquartered in Manchester, UK with key regional headquarters in Andover, MA and Munich, Germany.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, January 2015
To find and fix exploits aimed directly at your business, stop waiting for alerts and become a proactive hunter.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3580
Published: 2014-12-18
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-6076
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site.

CVE-2014-6077
Published: 2014-12-18
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

CVE-2014-6078
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack.

CVE-2014-6080
Published: 2014-12-18
SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.