In the EPM Management console, go to Polices > Application Groups > Create custom group, and specify the following:Ī unique name for the application group. Step 1: Create a new application groupĬreate an application group to manage KeePass Password Manager. The following steps describe how to create a policy and activate it. Create a KeePass protection policyĪlthough we recommend that you apply protection against this potential threat by applying a privileged threat protection rule, as described in Activate the KeePass protection rule, you can also create a policy to protect your environment.
In the KeePass - Password Manager row, click More actions (.) and activate the policy in detect or block mode, then click Yes to confirm.įor more details about this rule, KeePass - Password Manager.
In the Policies filter, select Privilege threat protection policies.Įxpand the IT Application Credentials Theft rules. In the EPM Management console, go to the Polices page. In the Policies page, activate the KeePass protection rule. Set Protect against credentials theft and lateral movement to Detect or Block.Ĭlick Yes to accept the default settings,įor more details, see Privilege threat protection policies. In the EPM Management console, go to Polices > Default Policies. In the Default Policy page, activate the default Protect against credentials theft and lateral movement policy. Protect the keepass configuration file from modification by applications defined in the predefined Allow policy.Ĭreate an advanced application policy to protect your environment from a potential KeePass threat.įor details, see Create a KeePass protection policy. Protect the keepass password database stored locally on the endpoint computer.Īctivate the default privilege threat protection policy and set the built-in KeePass rule.įor details, see Activate the KeePass protection rule.
It comprises the following two major tasks: This topic describes how to configure your EPM deployment to protect your environment from this potential threat. For details about this rule, see KeePass - Password Manager. This is effective on KeePass 2.53.ĮPM uses a built-in credential protection rule to detect and block attacks against KeePass and mitigate potentially suspicious activities. OverviewĪ potential KeePass Password Manager threat allows attackers to leak usernames and passwords from the KeePass Password Manager, without administrative rights or the KeePass master password.
This topic describes how EPM addresses exploitation of a potential KeePass threat by attackers. Potential KeePass Password Manager threat
0 kommentar(er)
