BeyondTrust has introduced PowerBroker for Unix & Linux 9.4. PowerBroker, the most mature Unix and Linux least privilege platform available, is the first of its kind to offer file integrity as part of the least privilege agent. File integrity monitoring (FIM) is a technology to monitor and protect system files which many organizations are embracing to support compliance mandates and to reduce the risks of malware. By monitoring sensitive files in real time administrators are proactively notified of suspect activities that may be related to privilege misuse or malware including file modification or encryption.
With the introduction of file integrity monitoring (FIM) for Unix and Linux, BeyondTrust now offers FIM for all major operating systems, protecting organizations’ critical files and binaries from tampering, regardless of platform.
The benefit of privilege elevation can be negated if selected targets become compromised –the privilege elevation product can allow access to files designed to harm these targets. For example, replacing certain executable files with an altered binary that performs malicious activities such as deleting files, launching a root level shell or rebooting the host, are possible.
With FIM enabled, organizations can be assured that important system binaries, product binaries and files of each system where PowerBroker for Unix & Linux has been deployed will not be tampered with. Any changes that do occur as part of system changes and updates are fully audited and can be reviewed and accepted to ensure that no compromises are introduced to controlled systems. FIM performs timed scans of centrally selected files and folders, checking the targets against a list of predefined settings, including location, ownership, permissions, size, date/time and file hash.
“In a production environment such as ours, knowing precisely which files have changed day over day is critical,” said John Masserini, CSO at The MIAX Options Exchange. “File integrity monitoring is not only foundational for understanding an organization's security risks, but as importantly, its operational risks. With PowerBroker for Unix & Linux, BeyondTrust has provided a powerful, integrated solution, that not only manages access controls, but provides additional controls over critical production files, providing a high level of confidence in the operational stability of the enterprise.”
“File checking policies to prevent malicious activities made possible by privilege elevation products have previously been manual, ad-hoc and error-prone, but the FIM capabilities included with PowerBroker for Unix & Linux 9.4 automate and secure access controls,” said Brad Hibbert, Chief Technology Officer, BeyondTrust. “Through our commitment to preventing privilege misuse and stopping unauthorized access, BeyondTrust is proud to offer powerful, integrated FIM capabilities for all major platforms – Unix, Linux, and Windows.”
