Lieberman RED – Rapid Enterprise DefenseTM Identity Management (formerly ERPM – Enterprise Random Password Manager)

Additional Info

CompanyLieberman Software Corporation
Websitehttp://www.liebsoft.com
Company size (employees)50 to 99
Type of solutionSoftware

Overview

To succeed, a cyber attack needs access to privileged credentials. With these powerful credentials an intruder can expand his access throughout a network and anonymously extract sensitive data. According to the 2017 Data Breach Investigations Report, “81% of hacking-related breaches leveraged either stolen and/or weak passwords.”

The key to stopping this attack vector is to find and eliminate privileged access security threats before attackers can exploit them. Lieberman Software’s RED Identity Management, formerly known as Enterprise Random Password Manager, accomplishes this by limiting the value of stolen credentials. It automatically manages sensitive credentials and provides controlled access to high value systems on the cross-platform enterprise – on premises and in the cloud.

The fact is, perimeter security tools such as firewalls react too late to block today’s sophisticated cyber attacks. Since it’s really a question of when – not if – a cyber attack will penetrate the perimeter, organizations require a cyber defense solution that can limit the damage done during an attack.
RED Identity Management arms organizations with the proactive cyber defense capabilities they need to cope with the porous network perimeter. This privileged access management solution, part of the new Lieberman RED Suite, continuously discovers and tracks privileged accounts in the enterprise, and automatically provides each account with unique and frequently changing credentials.

It randomizes privileged credentials at unprecedented speed at scale, either on a scheduled basis or in response to an alert of a cyber threat. When intruders penetrate the perimeter and compromise a credential, the stolen credential is quickly invalidated. The intruders cannot leverage it to stealthily nest on a network or move laterally around the environment, accessing systems at will.

RED Identity Management ensures that privileged identities are only available to audited users on a temporary, delegated basis – preventing unauthorized access to systems with sensitive data.

How we are different

• Many privileged access management products on the market store credentials in static vaults, which means an attacker could potentially break into the vault and steal the current credentials. RED Identity Management is fundamentally different. Our philosophy is that access control inherently becomes more difficult to maintain over time. Most organizations don’t have up-to-the-minute catalogs of privileged identities, systems and account interdependencies for their global environments. That’s why RED Identity Management incorporates automated continuous discovery and correlation of privileged credentials to ensure that each credential is frequently updated, and that there are no static credentials in the IT environment. RED Identity Management automates the entire credentials management process. It does not require users to maintain knowledge of systems lists, credentials and their usage, or manually conduct credentials changes.


• Speed is crucial in today’s cyber warfare environment. RED Identity Management is extremely fast compared to other privileged access management products. It can change credentials on 2000 systems per minute per node, so that hundreds of thousands of systems can be managed quickly. Our largest customer changes 850,000 credentials per minute with RED Identity Management. The platform enables users to change privileged credentials across their IT infrastructure as often as they need to, even every couple of hours.


• Most organizations operate with many systems disconnected from the corporate network. But even when disconnected, these systems must be updated on a regular basis to stay secure against evolving cyber threats. RED Identity Management is the industry’s only privileged access management solution that can change the local passwords on offline systems (Windows, Linux, Unix, etc.) at regular intervals. With its Disconnected Account Management capability, RED Identity Management ensures that each machine has its own unique password for the machine’s administrator account, protecting against pass-the-hash attacks and similar cyber attacks.