Thycotic Blog

Technical Product Updates and Industry Trends

  • When the Trusted Go Rogue, and How They (almost) Got Away With It

    Jason Cornish, a former IT admin, successfully took down 88 servers of a major pharmaceutical corporation for the comfort of a fast food joint. The breach cost the company over $800,000 and caused the entire US office to shut down for three days. Unfortunately for all companies, insider threat is very hard to detect. According

    Read more →
  • 5 things you can’t miss at Gartner Identity & Access Management Summit 2014

    You may be thinking of warm pumpkin pie, football and turkey induced comas as Thanksgiving quickly approaches, but just as the holiday season kicks off, so does Gartner’s Identity and Access Management Summit in Las Vegas on December 1st. We have a lot planned at Gartner IAM and there are many ways you can connect

    Read more →
  • What’s New in Password Reset Server 4.0?

    Password Reset Server 4.0 is out, and it has new features to make your installation simple and easy to use. What will be your favorite new feature? HSTS HTTP Strict Transport Security, when turned on, means that Password Reset Server can only be accessed using HTTPS. It is important to access sites that send or receive

    Read more →
  • Qualys Security Conference 2014: Tension Between Security and IT Operations

    In my previous post, ‘Vulnerability Scanning: Is Unauthenticated Scanning Enough?’ I discussed the differences between authenticated and unauthenticated scans, and how Qualys and Thycotic work together to find vulnerabilities for better security. When performing authenticated scans, Qualys uses credentials to find sensitive issues such as malware, patches, incorrect configuration, and other vulnerabilities. It then scans

    Read more →
  • Access Control: Models and Methods

    By: Stuart Gentry, an InfoSec Institute contributor and computer security enthusiast/researcher. There are times when people need access to information, such as documents, slides, etc., on a network drive but don’t have the appropriate level of access to read and/or modify the item. This can happen at the most inconvenient time and they would need

    Read more →