What is Leiberman RED Identity Management?

Enterprise Random Password Manager (ERPM) is a Proactive Cyber Defense Platform that protects organizations against malicious insiders, advanced persistent threats (APTs) and other sophisticated cyber attacks – on-premises, in the cloud and in hybrid environments.

Also known as
Rapid Enterprise Defense Identity Management, Enterprise Random Password Manager
Leiberman RED Identity Management customers

CME, VISA, Commerzbank, Rothschild, NMS, MHA, UAM, Tulane University, NYC, Lasko, Shell, ComEd, Petco, NetApp, Sharp, At&T, Brocade, Fox, CSC

Leiberman RED Identity Management Reviews

4.0 out of 5 stars
Identity and access management %28iam%29 report from it central station 2017 11 18 thumbnail
Find out what your peers are saying about CyberArk, Oracle, SailPoint and others in Identity and Access Management (IAM).
239,537 professionals have used our research on 5,961 solutions.
Identity and access management %28iam%29 report from it central station 2017 11 18 thumbnail
Find out what your peers are saying about CyberArk, Oracle, SailPoint and others in Identity and Access Management (IAM).
239,537 professionals have used our research on 5,961 solutions.

User Assessments By Topic About Leiberman RED Identity Management

Randomizing local accounts on all endpoints * ERPM's greatest ability is that it can easily randomize ALL local accounts on almost any endpoint. One of biggest security risks that occur within a company is the ability of an attacker to compromise one system and then use similar local accounts to slide horizontally through an environment. Many organizations will use group policy to change the local admin account and even change the password as well. The problem with this is that every Windows system will have the same name for their local admin account and most likely, have the same password for every one as well. If an attacker is able to compromise one system, then there is a high likelihood that they will be able to compromise multiple systems within the environment as well from these local accounts. * By randomizing local accounts, ERPM is able to keep local account passwords from becoming stale. Depending on the company's policies, it might be required to change all passwords every 30 days, 90 days, 180 days, etc... Without a tool to randomize all of these accounts, then trying to do this manually or remotely would be extremely difficult and time consuming. By setting up jobs to do this within ERPM, I do not have to do anything other than check a report to make sure all of my systems are being randomized. * Service accounts normally have heightened permissions on servers, workstations, and throughout a company's environment. However, service accounts are also forgotten about and do not have their passwords changed very often. Before we started to crack down on service accounts in my environment, we had passwords for service accounts that were several years old. The only caveat to this is that for ERPM to change the password of the service account and then push it to the locations that it is being used, the service account must be available via a COM object, service, a task or other Windows functions. If the account is embedded within a program, either an API must be written to change the password from within the program, or the password must be manually changed. * Using ERPM to change ALL Service Account passwords is not ideal or always possible, but it does help with many accounts; and can give an auditor insight into how old a password is and where it is being used within your environment. Randomizing accounts that have elevated privileges in the domain: * Since most IT administrators must have the ability to perform maintenance, install programs, and other tasks on servers or sensitive systems, they normally have admin rights on these systems or domain admin for an entire domain. This makes the IT group a VERY high target for attackers since most company's IT admins use their normal computer account to access servers as well. In order to have a clear segregation of a 'user' account and a 'server' account, we removed ALL permissions for a user's account from all servers, appliances, or sensitive systems and created 'server' accounts to access these sensitive systems. In order for an admin to access a server, sensitive system, or appliance, they must 'check out' the daily password for their server account and then use that account to perform their daily duties. If an attacker were to compromise an IT admin's normal account, they would only have access to that computer and would not be able to navigate through the environment with heightened permissions. Even if an attacker were to get local admin on one server and tried to dump the hashes to try and grab stored accounts for other users, these passwords would be no good since the password gets randomized every 24 hours. This has actually saved us during one of our third-party penetration tests where the tester was able to get onto a server using a compromised service account that ONLY had rights to that one server. Even though the tester dumped the hashes from the registry, all of the account's passwords were old and were not able to be used. This kept the tester from obtaining domain admin within our environment. Now, the tester could have sat on the server and possibly grabbed credentials from memory from a user that logged on later using mimikatz or another tool, but this would have taken more time and resources.

Leiberman RED Identity Management Consultants

Request a call with one of our top consultants and experts in Leiberman RED Identity Management. (Add me to this list.)
92d6de44 1eee 47f0 8981 b796574d8ebc avatar
TOP 20
Identity Management Consultant
Reviewed Leiberman RED Identity Management: It allows us to enumerate all machines from an...

Sign Up with Email