Privileged Account (Access) Management (PAM)
What you'll learn
- Understand privileged access management concept
- Understand the risks associated with privileged accounts and how to secure them
- Learn about credential management and how password managers work
- Learn about Privileged Access Management (PAM) or Privileged Account and Session Management solutions
- Basic IT skills
Privileged accounts are those with special permissions on a system, application, database or any other asset that can be used to perform any administration activity (E.g. changing the configuration), or have full access to the data. Failing to manage and monitor the usage of the privilege accounts in a corporate environment or an organization could have serious consequences.
Once hackers or malicious actors find a way to get into a system or a network, they will be looking to compromise a privilege account to get access to those systems and information that they are not authorized. Privilege Account Management is an important topic in Cyber Security and a requirements for a lot of regulatory and compliance frameworks.
In this course you will learn about :
Privileged accounts and credentials management, what they are, why they are important and different types
Privilege credentials security considerations
Implement and Usage of password manager solutions
Privilege Account Management (PAM) or Privilege Account and Session Management (PASM) solutions
Building a lab environment for testing PAM solutions
Implement and Configure a PAM solution
Onboard systems and credentials on the PAM solution (Windows, Linux, Web)
Utilise important PAM capabilities like remote access, sessions recording, audit, automated password changing, etc.
Review privilege credential usage, reporting and auditing requirements
Best practices to implement PAM solutions
Who this course is for:
- Security administrators, security professionals, infrastructure administrators, security architects, IT architects, security operators
Rassoul is an Information Security expert, leader, author of a few cyber security books, online and university instructor, and active member of security forums and communities. He has been working with the senior executives and stakeholders of enterprise companies to identify, assess and capture cyber security risks, as well as defining the strategy and building a program to implement relevant controls to minimize those risks.
Security strategy, governance, architecture, risk management, incident management and security operation are only some of his area of expertise, while his deep technical knowledge and background allows companies to identify and implement effective security solutions and constantly optimizing them.
Rassoul holds variety of industry certifications (including CISM, CISSP, SABSA, CRISC, ISO27001, CEH, COBIT, etc.) and currently working as the Director of Information Security in a large global healthcare organization.