Monthly Archives: June 2012

Filling the Gap in Identity and Access Governance

Identity and Access Management: Filling the Gap in Identity and Access Governance

Traditional identity solutions focus on access to applications, but that misses as much as 80 percent of corporate data.

We’ve entered the age of access governance. Organizations need to know who has access to what data and how they were granted that access. Identity and Access Governance (IAG) solutions address these issues while managing enterprise access. They provide visibility into access, policy and role management, and risk assessment—and they facilitate periodic entitlement reviews of access across numerous systems. Most enterprise IAG solutions are missing a key piece to the puzzle, though: unstructured data.

[Read the full article in TechNet Magazine]

CVE-2012-0920 (debian_linux, dropbear_ssh)

Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels concurrency."