This technical brief is intended to outline methods used to evaluate current security against a desired ideal. It describes approaches used to assess what exposures may exist, against which levels of risk may be determined. It then explains how Privilege Manager for Unix functions, and describes some of the scripting constructs which can be employed. The document concludes with a simplistic worked example, together with some general guidelines which can be used to model real world rules.
Acquisitions - Enstratius, RemoteScan, StatSoft