Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

5/17/2012
01:53 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Viewfinity Releases Next-Gen Privilege Management Software

Viewfinity Privilege Management 4.0 automatically sets policies for rights and privileges

WALTHAM, MA MAY 14, 2012 – Viewfinity (www.viewfinity.com), the leading provider of privilege management solutions, today announced Viewfinity Privilege Management 4.0, a compelling and major upgrade to the company’s flagship product. With this release, enterprises have a new, automated approach previously not available in any solution for managing rights and privileges for standard users on Windows endpoints and servers. Viewfinity’s new, intelligent automation identifies commonly needed privileges across the entire user base within an organization and automatically aggregates privilege needs, then creates a single policy to address the common need for a collective group of users. This containment of policy proliferation results in enormous time, cost and management savings. Another major announcement in this release is Viewfinity’s Least Privilege Control for Data.

"The one vulnerability we can’t easily patch are end-users. The single most important way to improve endpoint security is to run more of your Windows users without administrator rights," said Neil MacDonald, VP & Gartner Fellow. "Removal of administrative rights from end users helps IT security and operations teams to minimize the ability of malicious code to cause damage to Windows system files or sensitive areas of the machine."

“IT professionals agree that removing administrative rights is a smart practice for reducing security risks, and yet they know there has got to be a better way to deal with the productivity disruptions,” said Leonid Shtilman, CEO and co-founder of Viewfinity. “Organizations that have removed administrator rights needed an automated method for controlling the number of policies being created so they can reduce policy proliferation and its associated increased workload. We’ve drastically improved our product to take the burden off IT by automating many of the steps needed to setup policies to manage privileges. These measures enable IT to increase the number of standard users without interrupting productivity.”

Viewfinity’s 4.0 version represents a breakthrough in the way endpoints are managed with an automated approach to privilege management that reduces the number of policies in an environment by an order of magnitude.

"With our newest software release, there is no reason to grant users administrator rights," said Gil Rapaport, President and co-founder of Viewfinity. “Our innovative version 4.0 solution now provides organizations with the ability to implement fully transparent, automatic privilege management, raising endpoint protection through privilege management to a low maintenance, fundamental and necessary layer of security.”

Least Privileges for Data

Viewfinity’s privilege control for data provides the much needed ability to implement least privileges at the data level by elevating or reducing privileges/permissions on folders, files and shares. Additionally, features are mapped to support compliance mandates and provides greater compliance reporting through a dedicated reporting section addressing SOX, HIPAA, PCI DSS, FDCC, and other industry compliance requirements. These reports provide for easy access to and the delivery of pertinent information to risk management professionals. Viewfinity’s Video Audit feature provides an option to capture a screen recorded video of end-user and privileged user activity based upon a particular application or policy.

Pricing and Availability

Viewfinity Privilege Management 4.0 GA is now available. Viewfinity is the only solution that offers three implementation options: via the company’s SaaS/Cloud platform, through on-premise servers as a private Cloud, or within Group Policy.

Pricing for Viewfinity Privilege Management is based on the number of desktops, laptops or servers being managed. List pricing is as follows:

Perpetual

Subscription

Endpoints

$35-40 Support & Maintenance is 25% of list price for 24x7

$20 per endpoint/annually Includes support & maintenance

Servers

$140 per Server Support & Maintenance is 25% of list price for 24x7

$75 per server/annually

Includes support & maintenance

Volume discounts apply for either type of licensing model

Follow us on Twitter: @Viewfinity. Read our blog: www.viewfinity.com/blog/. Watch our videos on YouTube: www.youtube.com/user/Viewfinity

About Viewfinity

Viewfinity provides privilege management and application control for desktops, laptops and servers, empowering enterprises to meet compliance mandates, reduce security risks, and lower IT costs. The Viewfinity solution allows enterprises to control end user and privileged user rights for applications and systems which require elevated permissions. Viewfinity's granular-level control enables companies to establish and enforce consistent policies for least privilege Windows-based environments based on segregation of duties. For more information, visit www.viewfinity.com.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: George has not accepted that the technology age has come to an end.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27364
PUBLISHED: 2021-03-07
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
CVE-2021-27365
PUBLISHED: 2021-03-07
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length...
CVE-2021-27363
PUBLISHED: 2021-03-07
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system...
CVE-2021-26294
PUBLISHED: 2021-03-07
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/%2e%2e when using the caldav_public_...
CVE-2021-26814
PUBLISHED: 2021-03-06
Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service sc...