In February, we visited the RSA Conference at San Francisco. This is the biggest event of the IT security industry with about 25.000 attendees, 365 exhibitors, and hundreds of sessions held by thought leadership experts. This post is focusing on a megatrend that was articulated at the conference as the key driver of our industry in the next years: Big Data Security. Let me summarize my thoughts on BDS and its relationship with BalaBit technologies. Big Data Security – another buzzword or something more?Perhaps, we all feel the same when we hear “Big data” security: it is a ... [Read More]

Who manipulated my firewall?Smart network administrators are useful resources at our company. They remotely set rules in our firewall, troubleshoot our network switches, add users to our Windows servers, manage our VMware machines, etc. In a typical scenario, they access these systems via HTTPS protocol and do their maintenance work remotely on the web interfaces of these systems. However, as with every privileged access, network admins also represent a security risk in our IT environment: they can make accidental mistakes (like any human being), or they can intentionally violate the company policy. Furthermore, several network admins typically access the same ... [Read More]

In my previous post I wrote about detecting and preventing credit-card number leaks in SSH, the cool new feature of Shell Control Box. In this post I would like to dig a bit deeper and get my hand dirty while showing it in action.First let's start with a simple scenario, where we want to get notified in case credit-card numbers are detected in my terminal session. We simply create a new content policy that looks for CC numbers and sends out alerts when the policy matches. Besides alerts sent using email and SNMP alerts, I have configured logging ... [Read More]

The new real-time alerting and blocking feature of Shell Control BoxTM 3 F4 activity monitoring appliance prevents malicious user activities, either external or internal, even those initiated by users with the highest privilegesNew York – February 12, 2013 – BalaBit IT Security, a global leader in the development of privileged activity monitoring, trusted logging and proxy-based gateway technologies announced the latest version of its Shell Control BoxTM (SCB). SCB is an activity monitoring appliance that controls privileged access to remote servers and networking devices and records activities in movie-like audit trails that can be searched and replayed. Standard reports can ... [Read More]

It has been a while since I wrote a blog on anything, but never the less there are couple of new and interesting topics that are worth blogging about. At least I hope.In this blog post I would like to introduce my favorite new feature of the latest Shell Control Box release.No matter how much time has passed, credit-card fraud or data leakage are still a hot topic. Detecting or better preventing any leak of such information is something PCI DSS requires. Protecting credit-card data is the key requirements of PCI. However realizing that in real life is not always ... [Read More]

Nearly 40% of today’s IT staff can gain unauthorized access to their organization’s most sensitive information – and 20% have already done so. This is according to recent research Lieberman Software conducted amongst sys admins toiling in the trenches.Hardly surprising findings though, considering that privileged users in IT who give in to the temptation to peak at confidential HR files or accounting data are almost certainly not going to be caught.That’s because the conventional Identity Access Management (IAM) and password management products that nearly every organizations relies on to control general access can’t restrict and audit the actual activities ... [Read More]

Shell Control Box™ 3 F3 activity monitoring tool is the first client- and server-independent solution which transparently audits Citrix XenDesktop® New York – June 25, 2012 – Before going on holiday, CIOs – just like every C-level manager – think about ongoing tasks and who will deputize during their absence. But how can they be sure about what is really happening in the IT system they are responsible for, during their holiday? Since compliance regulations must be met, this is not the question of trusting colleagues, but ensuring the company’s continuous business operation. By using an activity monitoring tool ... [Read More]

Learning a new and complex software, like SCB, is difficult, even if it has a fantastic documentation. I started learning SCB this way, reading the docs from page one. Then I learned, that we have just finished preparing a brand new e-learning based training material, which also includes webex consultations and an exam at the end (commercial, available for customers and partners, register here). And instead of using rdesktop from my laptop, I got a chance to use a real thin client to access servers through SCB: a small PC which fits in a hand. Of course, ... [Read More]

Hi,We have published the latest edition of The Shell Control Box 3 F3 Administrator Guide. New features have been included, for example: RPC-API for remote SCB access and integration, TLS support for Telnet and VNC and Support for Citrix XenDesktop. Also, several issues have been fixed.We have also published the SCB 3.3.0 RPC API User Guide. It describes the RPC API, that enables remote SCB access, facilitates integration into custom applications and environments, and provides flexible, dynamic search queries and management. It is available here, and can be opened from the SCB web ... [Read More]

Joint Solution Controls Privileged User Activity with Movie-Like Playback and Free-Text Searches of Audit Trail Content New York/Los Angeles – November 29, 2011 – BalaBit IT Security, one of the global leaders in privileged activity monitoring, trusted logging and proxy-based gateway technologies, and Lieberman Software Corporation, developers of the first fully automated privileged identity management solution, today announced a strategic alliance that integrates BalaBit’s Shell Control Box (SCB) with Lieberman Software’s Enterprise Random Password Manager™ (ERPM). The integration provides fine-grained control of user activity during privileged access. “Controlling who can access powerful privileged accounts and tracking the actions ... [Read More]