I was assigned to advise an Investment Bank in Milan in how to deploy an agent for discovery of their Mainframe systems for dependency mapping.

The solution was straightforward which involved downloading and installing an additional agent for the BMC Discovery tool. During the brief consultancy visit I also identified and advised on their general issues with credential discovery. They had had a cyber-attack the previous year and as a precaution had altered all Linux servers to have individual named service accounts – over an estate of (IIRC) 500 Linux servers.

It was pointed out that whilst this would certainly slow down a hacker and limit the the damage, it would also be more difficult to trace and manage in the event of an attack. A much better solution was suggested of proactive management and linking service accounts to an AD service with monitoring and least privilege.