Changes

Line 35: Line 35:     
==Continuous Diagnostics and Mitigation==
 
==Continuous Diagnostics and Mitigation==
 +
''PAM''<br/>
 
[[Tommy Doyle]], the CISA Associate Chief of Security Operations, runs the CDM Program and its privileged access management (PAM) tool. CISA has deployed PAM to 30 information systems with the aim of transitioning to a cohesive enterprise-wide approach. PAM offers:
 
[[Tommy Doyle]], the CISA Associate Chief of Security Operations, runs the CDM Program and its privileged access management (PAM) tool. CISA has deployed PAM to 30 information systems with the aim of transitioning to a cohesive enterprise-wide approach. PAM offers:
 
# secure access for elevated rights,
 
# secure access for elevated rights,
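Review bot: The added line ''PAM''<br/> directly under ==Continuous Diagnostics and Mitigation== uses italics plus a forced line break as a stand-in for a subheading. A level-3 heading (===PAM===) would render as a real subsection, show up in the table of contents and be linkable as an anchor, and it would not depend on the <br/> to separate the label from the paragraph that follows.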
Line 41: Line 42:  
systems and alerting managers if a request falls outside of a user's usual time or place.<ref>[https://www.cisa.gov/sites/default/files/publications/CDM%20Success%20Story-CISA%20PAM%20Tool%20.pdf PAM success story, CISA]</ref>  
 
systems and alerting managers if a request falls outside of a user's usual time or place.<ref>[https://www.cisa.gov/sites/default/files/publications/CDM%20Success%20Story-CISA%20PAM%20Tool%20.pdf PAM success story, CISA]</ref>  
   −
''VENOM''
+
''VENOM''<br/>
 
VENOM is CISA's PAM-enabled cloud network enclave, which was built from scratch as opposed to adding it as a tool to a legacy network. In summer 2020, VENOM's design, documentation, naming conventions, and account standards were developed and it received authorization to connect to other systems. In fall 2020, penetration
 
VENOM is CISA's PAM-enabled cloud network enclave, which was built from scratch as opposed to adding it as a tool to a legacy network. In summer 2020, VENOM's design, documentation, naming conventions, and account standards were developed and it received authorization to connect to other systems. In fall 2020, penetration
 
tests were conducted and all attempts failed. In January 2021, VENOM was authorized to operate.
 
tests were conducted and all attempts failed. In January 2021, VENOM was authorized to operate.
However, this approach required new user accounts, removing old systems and accounts, and building trust among users.<ref>[https://www.cisa.gov/sites/default/files/publications/CDM%20Success%20Story-CISA%20PAM%20Tool%20.pdf PAM success story, CISA]</ref>  
+
However, this approach required new user accounts, removing old systems and accounts, and building trust among users.<ref>[https://www.cisa.gov/sites/default/files/publications/CDM%20Success%20Story-CISA%20PAM%20Tool%20.pdf PAM success story, CISA]</ref>
    
==Critical Infrastructure==
 
==Critical Infrastructure==
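Review bot: The change from ''VENOM'' to ''VENOM''<br/> keeps the italic-plus-break pseudo-heading instead of using a proper subsection heading; ===VENOM=== would be the consistent fix here. In the same hunk, the full citation <ref>[https://www.cisa.gov/... PAM success story, CISA]</ref> appears on both the "systems and alerting managers" line and the "However, this approach required" line, so the reference list will carry two identical footnotes; giving the first one a name (<ref name="...">) and reusing it with <ref name="..." /> would collapse them. The only visible difference on the "However, this approach required" line is trailing whitespace after </ref>, which is fine but worth noting in the edit summary.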