Public sector cyber defenses just leveled up.
Keeper Security’s new partnership with immixGroup makes KeeperPAM readily available to government agencies and education institutions, because breaches shouldn’t be part of public service.
Privileged Access Management (PAM) is key to protecting critical systems and data by controlling and monitoring access to sensitive accounts. Strengthen your cybersecurity posture with PAM!
Join our Cybersecurity course - https://infosectrain.com/cybersecurity-certification-training/
PAM isn’t an option - it’s essential! Whether you're a large business or a small firm, managing your accounts and implementing strong PAM policies is critical for protecting data and staying compliant.
Tune in to The Keys 2 Your Digital Kingdom for expert insights on securing your organisation. Subscribe now!
PAM platform versus MITRE ATT&CK techniques
In this article you will learn how the СКДПУ НТ PAM platform can be used to mitigate the attacker techniques described in the MITRE ATT&CK matrix. We show which specific protection mechanisms can be applied in practice. It will be of interest to: information security specialists who want to understand protection technologies in more depth; security architects looking for ways to close key attack vectors; technical managers evaluating tools for countering sophisticated threats.
Trump and AG Pam Bondi fall silent after the arson fire is set at the residence of chief Josh Shapiro #Bondi #callan #del #después #gobernador #incendia #incendio #Josh #Pam #residencia #Shapiro #Trump #ButterWord #Spanish_News Comment with your opinion
https://butterword.com/trump-y-ag-pam-bondi-se-callan-posteriormente-de-que-el-incendio-incendia-se-incendia-a-la-residencia-del-jefe-josh-shapiro/?feed_id=17192&_unique_id=67fc412f2967f
Playlist for episode no. 14 of Sunday 6 April 2025 https://www.radiocittafujiko.it/play-list-puntata-n-13-di-domenica-6-aprile-2025/ #RobertaGiallofeat.MassimoForapani #VincenzoSantovito #EricaSalvetti #AmatiBros #MarinaRei #PLAYLIST #KikiOrsi #Minimal #MUSICA #Piotta #Leria #Manuè #Marla #Deci #Nada #Pam
Just released: #swad v0.2
SWAD is the "Simple Web Authentication Daemon", meant to add #cookie #authentication with a simple #login form and configurable credential checker modules to a reverse #proxy that supports delegating authentication to a backend service, e.g. #nginx' "auth_request". It's a very small piece of software written in pure #C with as few external dependencies as possible. It requires some #POSIX (or "almost POSIX", like #Linux, #FreeBSD, ...) environment, OpenSSL (or LibreSSL) for TLS and zlib for response compression.
Currently, the only credential checker module available offers #PAM authentication, more modules will come in later releases.
swad 0.2 brings a few bugfixes and improvements, especially helping with security by rate-limiting the creation of new sessions as well as failed login attempts. Read details and grab it here:
Cyber Security Myth Busters: Unravelling the truth behind cyber security misconceptions.
Get the facts straight and stay secure.
Visit our website to see how we can help you and your business stay safe: www.infoseck2k.com
#MythvsFact #CyberSecurityTruths #PAM #PrivilegeAccessManagement
Source: https://assets.beyondtrust.com/assets/documents/BT_WhitePapers_6Myths_2020.pdf
I'm not wild about the "Year of" trope, but I think we can go ahead and call this the Year of Agentic AI. I've rarely seen one topic so thoroughly absorb the entire industry's attention.
#Cybersecurity often follows the initial hype around the latest shiny object. Still, some IT pros and vendors are considering what #agenticAI means for security, particularly in identity and access management.
In this feature that was months in the making, experts from academic, vendor, and enterprise backgrounds weighed in.
#AIagents #IAM #identityandaccessmanagement #SecOps #ITOps #identitysecurity #PAM #abac #accesscontrols #AI #GenAI #LLMs
Trump has been nominating,
and the Senate has been confirming,
one pliant and obsequious instrument of the president’s pleasure after another.
This is nowhere more true than in appointments to the Department of Justice.
To understand Martin’s danger, it is important to understand how the department in which he would serve as a confirmed official has been operating in Trump 2.0.
At Attorney General #Pam #Bondi’s swearing-in ceremony, she pledged to
“not let [Trump] down”
and to “make [him] proud.”
In her introduction of President Trump before his speech in the Great Hall at the Justice Department,
she called Trump
“the greatest president in the history of our country”
and proclaimed that the department was
“so proud to work at [his] directive”
and would “never stop fighting for” Trump.
She has portrayed Justice Department attorneys as the president’s lawyers.
Bondi signaled fierce loyalty to Trump at her confirmation hearing but nonetheless pledged that,
“If confirmed, I will fight every day to restore confidence and integrity to the Department of Justice
and each of its components.
The partisanship, the weaponization, will be gone. America will have one tier of justice for all.”
In office Bondi has done precisely the opposite
—aggressively so.
She has engaged in a range of politicizing actions,
including dropping the Eric Adams prosecution,
withdrawing charges against and pulling back from investigations of other Trump-allied current or former officials, halting prosecution of a Trump family crypto partner,
and firing or demoting career attorneys who worked on cases involving the president.
She established a “Weaponization Working Group”
that is going after the president’s perceived enemies
and must report on its progress to the White House quarterly.
(Martin is a member of the group.)
The weaponization group is implementing the president’s core philosophy:
“If they screw you, screw them back ten times as hard.”
The goal may be to eliminate future weaponization against Trump interests;
but the tactics are weaponization on a scale never before imagined.
At the same time, Bondi, the chief legal officer of the executive branch after Trump,
is stewarding the rule of law in a disastrous fashion.
She has facilitated the elimination of DOJ independence from the White House,
despite pledges to the contrary.
Her lawyers have been unprepared in court and shown courts unprecedented disrespect.
They have sought to defend the president’s plainly lawless extortionate actions against law firms,
among other lawless executive actions.
Bondi and her lawyers are not restoring confidence and integrity in the department
—they are weakening them.
Bondi had signaled a pro-Trump agenda during her confirmation process,
but now we know the scale on which she is using the department to do the president’s political and personal bidding.
The Senate’s enabling of these actions in confirming Bondi is the proper background to assess Martin’s nomination
Released: #swad v0.1
Looking for a simple way to add #authentication to your #nginx reverse proxy? Then swad *could* be for you!
swad is the "Simple Web Authentication Daemon", written in pure #C (+ #POSIX) with almost no external dependencies. #TLS support requires #OpenSSL (or #LibreSSL). It's designed to work with nginx' "auth_request" module and offers authentication using a #cookie and a login form.
Well, this is a first release and you can tell by the version number it isn't "complete" yet. Most notably, only one single credentials checker is implemented: #PAM. But as pam already allows pretty flexible configuration, I already consider this pretty useful
If you want to know more, read here:
https://github.com/Zirias/swad
First "production test" successful ... after band-aid "deployment" (IOW, scp binaries to the prod jail).
#swad integrates with #nginx exactly as I planned it. And #PAM authentication using a child process running as root also just works (while the main process dropped privileges).
So, I guess I can say goodbye to #AI #bots hammering my poor DSL connection just to download poudriere build logs.
Still a lot to do for #swad: Make it nicer. So many ideas. Best start would probably be to implement more credentials checking modules besides PAM.
This, btw, was yet another reminder of the horrible can of worms #stdio's #buffering is.
I created a little tool running as a child process to do the *actual* #PAM authentication, so it will be possible to have this run as root while the real service drops all privileges. This little tool uses a simple line-based protocol for communication on stdin/stdout. It worked well when testing directly on the terminal.
On the first real test though, my service just went hanging. I suspected a deadlock caused by pthread mutexes. Wasted quite some time looking into that. Then I finally realized communication over the pipes was stalled.
Ok, just set buffering mode to "line buffering" after fdopen'ing the #pipe. Turned out that didn't help either. I *assume* that even in the child process, the stdio streams automatically created on the pipes were somehow fully buffered. But at that point, I was really fed up with trial and error and rewrote the whole mess to do I/O using plain #POSIX APIs (read, write), sidestepping any buffering. Worked like a charm.
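The design described in the post above (a helper child speaking a line-based protocol over pipes, using read/write instead of stdio streams), as an added example that is not swad's code. The helper's check is a stand-in with a constructed credential in place of a PAM call, and all function names are hypothetical.

```c
#include <stdio.h>      /* snprintf only; no FILE* streams are used */
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Read one '\n'-terminated line with read(2), so no stdio buffer sits in between. */
static int read_line(int fd, char *buf, size_t sz)
{
    for (size_t n = 0; n + 1 < sz; ++n) {
        if (read(fd, buf + n, 1) != 1) return -1;     /* EOF or error */
        if (buf[n] == '\n') { buf[n] = 0; return 0; }
    }
    return -1;                                        /* line too long */
}

/* Child: stand-in for the privileged helper (a real one would call PAM here). */
static void helper(int in, int out)
{
    char line[256];
    while (read_line(in, line, sizeof line) == 0) {
        /* "alice secret" is a constructed credential for this example */
        const char *r = strcmp(line, "alice secret") == 0 ? "OK\n" : "FAIL\n";
        if (write(out, r, strlen(r)) < 0) break;      /* goes out immediately */
    }
    _exit(0);                                         /* parent closed the pipe */
}

/* Parent: 1 = accepted, 0 = rejected, -1 = I/O error or input that breaks framing. */
int check_credentials(const char *user, const char *pw)
{
    int req[2], rep[2], rc = -1;
    char buf[256];
    /* A newline (or a space in the user name) would forge protocol lines. */
    if (strchr(user, '\n') || strchr(user, ' ') || strchr(pw, '\n')) return -1;
    int len = snprintf(buf, sizeof buf, "%s %s\n", user, pw);
    if (len < 0 || (size_t)len >= sizeof buf) return -1;
    if (pipe(req) < 0) return -1;
    if (pipe(rep) < 0) { close(req[0]); close(req[1]); return -1; }
    pid_t pid = fork();
    if (pid < 0) { close(req[0]); close(req[1]); close(rep[0]); close(rep[1]); return -1; }
    if (pid == 0) { close(req[1]); close(rep[0]); helper(req[0], rep[1]); }
    close(req[0]); close(rep[1]);
    /* Requests are under PIPE_BUF bytes, so one write(2) sends the whole line;
       the reply is read while the request pipe is still open. */
    if (write(req[1], buf, (size_t)len) == len && read_line(rep[0], buf, sizeof buf) == 0)
        rc = strcmp(buf, "OK") == 0;
    close(req[1]); close(rep[0]);
    waitpid(pid, NULL, 0);
    return rc;
}
```

With stdio streams on the same pipes, the helper's reply would sit in a fully buffered stream until the buffer filled or the stream was flushed, which is the stall the post describes.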
Result of today's #C #coding session: I can now authenticate with #PAM
https://github.com/Zirias/swad/commit/8983ae30955a407c4732c6e3e3a4aeba6db77a93
This will soon be "production-ready" at least for me
Prosecutors ordered to seek death penalty for Luigi Mangione #US News #Death Penalty #Luigi Mangione #Pam Bondi
https://globalnews.ca/news/11109551/luigi-mangione-death-penalty-pam-bondi//612
Curious about Privileged Access Management (PAM)? In our latest podcast episode, we debunk some of the most common myths and highlight why PAM isn't just a one-time setup.
Tune in now to Infosec K2K's The Keys 2 Your Digital Kingdom for expert insights. Don't miss out - subscribe today and stay ahead in cyber security!
Finding anomalies and preventing leaks: how signature analysis helps detect threats from within
Hi, Habr! My name is Aleksandr Shcherbakov. I'll explain how Privileged Access Management systems help control the actions of privileged users (such as system administrators, managers, DevOps engineers and so on) using signature analysis. Privileged users have extended access to the infrastructure. Their mistakes, negligence or bad-faith actions can do an organization great harm.
Sure, firewalls are crucial. We all know that. But let's be honest, what happens when the threat isn't knocking at the door, but already *inside* your house?
It's tempting to think, "Nah, our people are solid, they wouldn't..." Well, maybe. But insider risk is a very real thing. It could be simple carelessness, an honest mistake, or sometimes, yeah, even malicious intent. It covers the whole spectrum.
That's exactly why Privileged Access Management (PAM) is worth its weight in gold. Getting that Least Privilege model right? Absolutely key!
Now, how do you *really* know if your PAM setup holds up and what could actually go wrong? That's where manual penetration testing comes in – it's vital. These tests dig deep to see what chaos could *really* unfold. And while AI tools can certainly help out, they just aren't a complete replacement for a skilled human tester poking around.
So, turning it over to you: How are you currently tackling the challenge of securing your critical data from potential insider threats? Let's discuss!