Can Data Science Deal With PAM?

Explore the intersection of data science and Privileged Access Management (PAM) in this 26-minute conference talk from BSidesLV 2018. Delve into the challenges of implementing effective PAM strategies and discover how data science techniques can be leveraged to enhance security measures. Learn about practical principles for PAM implementation, including starting slow and small, focusing on business-critical systems, and developing smart inventory practices. Examine the importance of event logs, defining allowed access paths, and determining system ownership. Gain insights into common PAM problems and innovative solutions, such as graph visualizations for complex permission structures. Acquire valuable takeaways to improve your organization's approach to privileged access management and data-driven security practices.

What is PAM
Agenda
Recap
Good privileged access management
Why is PAM so challenging
How can Data Science help
Data Challenges
Practical Principles
Start Slow
Start Small
Business Critical Systems
Smart Inventory
PAM
Event logs
Define allowed access paths
Who owns the system
Whats a security team get
Art of the possible
Group permissions
Combining data
Multiple devices
Chaos of lines
Common PAM problems
Graph visualizations
Next steps
Take aways
Questions