Analytics
6/14/2013
02:02 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Lieberman Software Launches First Security-As-A-Service PIM Platform

ERPM’s newest version offers two interfaces that provide a programmatic option for identity management

(Los Angeles, CA and Washington DC – June 10, 2013) As the IT infrastructures for today's large Cloud Service Providers, Managed Service Providers and Internet Service Providers expand beyond hundreds of thousands of systems, the ability to manage and secure these dynamic environments grows increasingly complex. In response to this market development, Lieberman Software Corporation announced a major upgrade to Enterprise Random Password Manager&trade (ERPM), the company's flagship Privileged Identity Management (PIM) product, designed as the industry's first Security-as-a-Service PIM platform.

In its new evolution as a service platform, ERPM now provides full automation and programmatic orchestration of privileged credentials, certificates, pin codes, passcodes and other sensitive data generated on a massive scale by large multi-tenant organizations. With ERPM, the discovery, auditing and access control of credentials and certificates in the world's largest enterprises and service providers can now be managed entirely by machines, rather than through direct human interaction.

"Our philosophy has always been that automation is the only way to take control over the powerful privileged identities widespread throughout modern IT environments," said Philip Lieberman, President and CEO of Lieberman Software. "Only by deploying automated security solutions can organizations locate and remediate weaknesses faster than nation-state attackers and other criminal hackers can exploit them.

"The challenge is in managing and securing these identities at massive scale. When gas meters, water meters, cable boxes, desktop boxes, cell phones, routers and more are all taken into account, the number of systems that need to be managed can extend into the millions. A truly secure environment requires all identities on all devices to be discovered and managed. To that end, we've developed ERPM as a solution that can automatically manage the entire privileged identity and certificate management lifecycle - from the auto-discovery of each privileged account to the propagation of password changes throughout the enterprise - without manual involvement."

To accomplish this, ERPM's newest version offers two interfaces – with Windows PowerShell® and SOAP web services – that provide a programmatic option for identity management.

Lieberman Software has been an ISV since 1994 and originally developed the first tools for the privileged identity management market more than 10 years ago. ERPM was the first product capable of automatically locating all of the privileged accounts in large, dispersed enterprises, and then securing and tracking each of these accounts. Today, ERPM helps organizations in all major vertical markets worldwide prevent unauthorized users and malicious programs from gaining unrestricted and anonymous access to systems with highly sensitive data. All of ERPM's previous capabilities remain in the new version of the product.

Lieberman Software is exhibiting this new ERPM functionality in booth 5 at the Gartner Security and Risk Management Summit in National Harbor, MD this week.

For more information see http://www.liebsoft.com/ERPM_Programmatic_Access/

About Lieberman Software Corporation

Lieberman Software provides privileged identity management and security management products to more than 1000 customers worldwide, including nearly half of the Fortune 50. By automatically discovering and managing privileged accounts throughout the network, Lieberman Software helps secure access to sensitive data, thereby reducing internal and external security vulnerabilities, improving IT productivity and helping ensure regulatory compliance. The company developed the first solution for the privileged account management space, and its products continue to lead the market. Lieberman Software is headquartered in Los Angeles, CA with an office in Austin, TX and channel partners throughout the world. For more information, visit www.liebsoft.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, January 2015
To find and fix exploits aimed directly at your business, stop waiting for alerts and become a proactive hunter.
Flash Poll
Threat Intel Today
Threat Intel Today
The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3580
Published: 2014-12-18
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-6076
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site.

CVE-2014-6077
Published: 2014-12-18
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

CVE-2014-6078
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack.

CVE-2014-6080
Published: 2014-12-18
SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.