Lieberman Software and Q1 Labs Combine Privileged Identity Management and SIEM

With Integration all ERPM Password Check-out/Check-in and Credentials Changes are Visible

(09.03.11) - Organisations seeking to eliminate the potential for anonymous employee access to sensitive data are extending their Security Information and Event Management (SIEM) platforms through the addition of privileged identity management (PIM) solutions. The combined technologies provide enterprises with enhanced monitoring, visibility and management of the powerful privileged accounts that allow unaudited access to nearly every system, business application, database, Web service and network appliance throughout large organizations.

To help customers accomplish these objectives Lieberman Software Corporation has been certified by Q1 Labs for its Security Intelligence Partner Program. The certification allows Lieberman Software to integrate with Q1 Labs’ open security intelligence protocols - LEEF and AXIS - to identify security threats and anomalies.

"Enterprise Random Password Manager" (ERPM), Lieberman Software’s PIM solution, automates the tasks to locate, inventory, organise and manage the thousands of privileged account passwords dispersed throughout large enterprise environments. ERPM works with Q1 Labs’ QRadar Security Intelligence Platform to correlate security and event data and provide oversight control of elevated privileged accounts.

With this new integration all ERPM password check-out/check-in and credentials changes are visible in Q1 Labs' QRadar, as are successful and failed password verifications. Q1 Labs’ QRadar SIEM tracks and correlates all privileged account activities, letting users monitor and respond to issues from within the QRadar Security Intelligence Operating System interface. Customers benefit from being able to accurately observe all actions taken by privileged users and can provide this information to security auditors in the form of detailed, customisable reports created with a few mouse clicks.

SIEM software collects and correlates log information from systems to track intrusion detection, normal and abnormal job operations, credentials abuse and other security events. Almost any system or application activity, success or failure can generate messages for the SIEM system. SIEM actions can trigger email, text message, trouble ticket and other human notifications. Or they can generate application-oriented actions like stopping jobs, restarting systems, blocking IP addresses and other IT operations that can typically be scripted.

PIM solutions manage the accounts that allow privileged access in the network. Privileged accounts hold elevated permission to access files, install and run programs, and change configuration settings. They exist on virtually every IT resource in the organization. Organizations that do not manage their privileged accounts risk having unauthorized users or malicious programs compromise just one password and gain unrestricted access to sensitive data on the network. (Lieberman: ma)