How to Backup and Recover Group Policy Objects

Editor’s note: This is the 5th and final blog in a series around Active Directory (AD) backup and recovery using STEALTHbits, StealthRECOVER. Read the 1st blog, An Introduction to Active Directory Backup and Recovery, the 2nd blog, Active Directory Object Recovery, the 3rd blog, Active Directory Recover (Recycle Bin), and the 4th blog, How to Rollback and Recover Active Directory Object Attributes. Welcome to the final post in this Active Directory Backup and Recovery blog series, which will discuss the backup and…

The Structured Future of Data Access Governance

When Data Access Governance (DAG) was first conceived, the logical place to implement such access control was on unstructured data such as shared file systems, collaborative platforms (e.g. SharePoint), and email systems. These massive unstructured data repositories seemingly contained the bulk of the corporate data, often quoted as representing well over 80% of all corporate data. Moreover, these data repositories appeared to be growing exponentially and therefore were the logical choice as the initial place for such extra controls. And…

What is the Right to be Forgotten?

The Right to be Forgotten is defined as “the right to silence on past events in life that are no longer occurring.” The right to be forgotten leads to allowing individuals to have information, videos, or photographs about themselves deleted from certain internet records so that they cannot be found by search engines. As so many different compliance regulations roll out across the world, it’s important to understand the requirements from an organizational perspective as well as differences between regulations…

Office 365 Security and Compliance: Guide to Creating Custom Sensitive Info Types and DLP Policies

In my last blog post, I covered configuring some of the out-of-the-box data loss prevention policies that Microsoft’s security & compliance center offers. Yet in order to meet the specific needs of your organization, custom information types and DLP policies can be created. In this guide, I will show you how to use Microsoft Office 365’s Security and Compliance center to categorize sensitive content with custom sensitive information types and create custom data loss prevention (DLP) policies….

Office 365 Security and Compliance: Admin Guide to Creating Labels and DLP Policies

Data loss is defined as data that gets misplaced, removed without authorization, leaked outside of the organization, or otherwise corrupted, perhaps due to malware. Failure to prevent data from being ‘lost’ can result in hefty fines, especially for organizations that have to comply with the General Data Protection Regulation (GDPR), where they can be fined up to 20 million Euros, or 4% of annual, worldwide turnover. In this guide, I will show you how you can leverage Microsoft Office 365…

Running LAPS in the Race to Security

Managed Passwords for Local Administrator Accounts. What is Microsoft LAPS? Microsoft Local Administrator Password Solution (LAPS) is a password manager that utilizes Active Directory to manage and rotate passwords for local Administrator accounts across all of your Windows endpoints. LAPS is a great mitigation tool against lateral movement and privilege escalation, by forcing all local Administrator accounts to have unique, complex passwords, so an attacker compromising one local Administrator account can’t move laterally to other endpoints and accounts that may…

How to Defend against AdminSDHolder Attacks

In this blog post, we’ll be discussing the AdminSDHolder object in Active Directory and how it can be utilized in Active Directory attacks. Finally, we will discuss how to use StealthDEFEND to detect and respond to this type of attack. Introduction to the “AdminSDHolder”: The AdminSDHolder is an Active Directory object that is basically a container acting as a security descriptor template for protected accounts and groups in an Active Directory domain. A security descriptor…

How to Rollback and Recover Active Directory Object Attributes

Editor’s note: This is the 4th in a series of blogs around Active Directory (AD) backup and recovery using STEALTHbits, StealthRECOVER. Read the 1st blog, An Introduction to Active Directory Backup and Recovery, the 2nd blog, Active Directory Object Recovery, and the 3rd blog, Active Directory Recover (Recycle Bin). The previous two posts in this series focused on Active Directory deleted object recovery. This post will explore a different type of Active Directory recovery. Consider the following scenario: Our story begins with a…

ProTip – Utilizing STEALTHbits to Move Away from Relying on Native File System Logging

If you have been following our 4-part blog series, “Challenges with Relying on Native File System Logging,” you have seen some of the many challenges of auditing and collecting file activity natively. The blog series is also going to be followed by an awesome webinar. If you haven’t seen any of the blog posts, be sure to check them out: NetApp File Activity Monitoring, Windows File Activity Monitoring, Challenges with Native File System Access Auditing, EMC File Activity Monitoring…

EMC File Activity Monitoring

Note: This is the 4th and final blog of our File System security series. Check out the first three: 1) NetApp File Activity Monitoring, 2) Windows File Activity Monitoring, 3) Challenges with Native File System Access Auditing. Sign up now for my live webinar “Challenges with Relying on Native File System Logging”. Register now. In the final post of this 4-part blog series, we will take a closer look at file access auditing on an EMC Isilon file system leveraging…
