cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Campbell3336
Viewer II

RSA Authentication Manager backup files - .RSAbackup

I'm auditing our RSA Authentication Manager 8.x system used for SSL VPN 2FA for remote access.

I came across a file share containing RSA backup files in YYYYMMDD####.RSAbackup filename format and RSABACKUP File types.  Obviously this share needs to be locked down, but it begs the question, what could a attacker do with this backup file?  What could they learn from it?   It appears encrypted.  If perimeter security is breached and they have internal access and stumble across this backup file, then they are already inside...