Securing Organizational Assets: A Comprehensive Analysis of Privileged Access Management
Sizov, Nikita (2024)
2024
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-202403275305
https://urn.fi/URN:NBN:fi:amk-202403275305
Tiivistelmä
In collaboration with Nixu Corporation, this research focuses on unraveling the critical role of Privileged Access Management (PAM) and Identity and Access Management (IAM) in fortifying organizational cybersecurity. Focusing on the crucial role of PAM, especially in safeguarding privileged credentials, which are frequently targeted by malicious actors, the study addresses challenges in managing and securing privileged accounts. The objective is to provide practical insights and data to update sales and pre-sales materials, benefiting Nixu's sales professionals in effectively communicating the value of PAM. This thesis results can also benefit any individual needing a deeper understanding of PAM and it’s capabilities.
The development task involves addressing challenges in managing and securing privileged accounts, with a particular emphasis on PAM's efficacy against contemporary cyber threats. Core PAM mechanisms, including Password Vaulting, Session Management, and Discovery, are defined, explored, and mapped to attack patterns of the most common cyberattacks. Real-world cases of such cyberattacks including phishing, insider threats, and brute force attacks are analyzed, revealing the common techniques employed, and underscoring the importance
of PAM's implementation.
Methodologically, the research utilizes the MITRE ATT&CK framework for comprehensive cyber threat intelligence. Mapping cyberattacks’ patterns to ATT&CK techniques and corresponding PAM and IAM mechanisms underscores the importance of implementation and integration for a proactive security posture. Key results highlight PAM’s potency, revealing it to be the most recommended mitigation suggestion by the MITRE ATT&CK framework for addressing techniques used by threat actors and software these actors exploit.
The analysis of the results emphasizes that PAM not only addresses the critical challenge of managing privileged accounts but also emerges as a pivotal mitigation strategy against a spectrum of cyber threats. The integration of PAM and IAM, reinforced by insights from the MITRE ATT&CK framework, forms a robust defense against evolving attack vectors.
Keywords: PAM, IAM, MITRE, ATT&CK
The development task involves addressing challenges in managing and securing privileged accounts, with a particular emphasis on PAM's efficacy against contemporary cyber threats. Core PAM mechanisms, including Password Vaulting, Session Management, and Discovery, are defined, explored, and mapped to attack patterns of the most common cyberattacks. Real-world cases of such cyberattacks including phishing, insider threats, and brute force attacks are analyzed, revealing the common techniques employed, and underscoring the importance
of PAM's implementation.
Methodologically, the research utilizes the MITRE ATT&CK framework for comprehensive cyber threat intelligence. Mapping cyberattacks’ patterns to ATT&CK techniques and corresponding PAM and IAM mechanisms underscores the importance of implementation and integration for a proactive security posture. Key results highlight PAM’s potency, revealing it to be the most recommended mitigation suggestion by the MITRE ATT&CK framework for addressing techniques used by threat actors and software these actors exploit.
The analysis of the results emphasizes that PAM not only addresses the critical challenge of managing privileged accounts but also emerges as a pivotal mitigation strategy against a spectrum of cyber threats. The integration of PAM and IAM, reinforced by insights from the MITRE ATT&CK framework, forms a robust defense against evolving attack vectors.
Keywords: PAM, IAM, MITRE, ATT&CK