Addressing the issue of access management is probably the most pressing topic in the field of IT security. The majority of attacks on computer networks today are carried out with the help of techniques to gain increased privileges on target systems. Cybercriminals focus in particular on directory-integrated accounts of natural persons, service accounts and authorisations of local accounts on endpoints.

Especially in the area of critical infrastructures (CRITIS), in addition to the primary goal of protecting the company or organisational infrastructure and its data, it is also a matter of adhering to legally formulated compliance or industry standard requirements, such as the B3S according to BSI, ISO 27001 or NIS2.

In our presentation, ...