NetApp File Activity Monitoring

NetApp File Activity Monitoring

Note: This blog is the third in a 4 part series, followed by a webinar to review all the challenges with File System access auditing. Sign up now for the webinar “Challenges with Relying on Native File System Logging“. Register now. In our last post, we walked through configuring file access auditing on a Windows File server and explored some of the common challenges with data interpretation. In this post, we will take a similar look at file access auditing on…

Read More Read More

Impressions from RSA 2019

Impressions from RSA 2019

This year’s RSA convention was a riot of sights and sounds with a lot of familiar faces, mega-booths with flashy giveaways, as well as some new/old companies in the form of recently acquired or merged organizations. There were the familiar topics of security analytics, security as a service, and advanced threat detection, but on the surface, it is difficult to pick out any obvious new trends. After thinking back about everything I saw, I have decided that the one common…

Read More Read More

Anatomy of a Hack: How TEMP. Mixmaster Attackers Use TrickBot and Ryuk to Poach Big Game

Anatomy of a Hack: How TEMP. Mixmaster Attackers Use TrickBot and Ryuk to Poach Big Game

Cyber-crime continues to evolve – especially over the last year in terms of ransomware. Ransomware used to be largely a spray-and-pray proposition where attackers used automated tools to spread and encrypt as fast as possible, with immediate ransom demands. Those did enough damage. However, cybersecurity researchers are reporting a new, more patient and human-driven extortion scheme where criminals infect many networks but only select larger organizations with deeper pockets. In these larger target networks, they may dwell for as long…

Read More Read More

Microsoft Advanced Threat Analytics (ATA) Compared to StealthDEFEND for Active Directory

Microsoft Advanced Threat Analytics (ATA) Compared to StealthDEFEND for Active Directory

Detecting advanced threats against Active Directory can be approached in a variety of ways. When looking at Microsoft Advanced Threat Analytics (ATA) compared to STEALTHbits StealthDEFEND for Active Directory they have the same goal and a similar approach, however, there are some key differences. Microsoft is in a privileged position to build a threat detection solution to protect against Active Directory attacks. Their end product is similar to what you would expect from a third-party vendor. They leverage their own…

Read More Read More

LDAP Reconnaissance – Defend with StealthDEFEND

LDAP Reconnaissance – Defend with StealthDEFEND

Editor’s note: This is the second blog post in a series of blogs for using StealthDEFEND to defend against attacks. Read the first blog “Using StealthDEFEND to Defend Against Password Spraying”. In this blog post, we’ll be talking about LDAP Reconnaissance and how we can use StealthDEFEND to defend ourselves against this type of attack. Introduction to LDAP Reconnaissance When an attacker initially compromises a system on a network, they may have little to no privileges within the domain and…

Read More Read More

Windows File Activity Monitoring

Windows File Activity Monitoring

Note: This blog is the second in a 4 part series, followed by a webinar to review all the challenges with File System access auditing. Sign up now for the webinar “Challenges with Relying on Native File System Logging“. Register now. In our first post of the series, we discussed some of the challenges with native file system access auditing techniques, from the configuration all the way to one’s ability to easily understand the resultant data. In this post, we will…

Read More Read More

Active Directory Object Recovery (Recycle Bin)

Active Directory Object Recovery (Recycle Bin)

Editors note: This is the 3rd in a series of blog around Active Directory (AD) backup and recovery using STEALTHbits, StealthRECOVER. Read the 1st blog, An Introduction to Active Directory Backup and Recovery and the 2nd blog, Active Directory Object Recovery. The previous post in this series discussed the joys of Active Directory object recovery in an environment without the AD Recycle Bin. If you missed that post, I strongly encourage you to go back and read it as it is…

Read More Read More

Using StealthDEFEND to Defend against Password Spraying

Using StealthDEFEND to Defend against Password Spraying

In this blog post, we’ll be talking about Password Spraying and how we can use StealthDEFEND to defend ourselves against this type of attack. Introduction to Password Spraying Password Spraying is a technique attackers leverage to guess the passwords of accounts by trying a small number of highly common passwords against a large number of accounts while also staying below an organization’s defined lockout threshold. This allows an attacker to compromise accounts without any elevated privileges and masking themselves from detection by blending…

Read More Read More

Challenges with Native File System Access Auditing

Challenges with Native File System Access Auditing

Note: This blog is the first in a 4 part series, followed by a webinar to review all the challenges with File System access auditing. Sign up now for the webinar “Challenges with Relying on Native File System Logging“. Register now. An organization’s ability to efficiently and effectively capture file level access is paramount in order to not only proactively prevent data breaches or attacks, but to respond in the event your data has already been compromised. Often times, we…

Read More Read More

ProTip – Active Directory Advanced Threat Analytics and Response

ProTip – Active Directory Advanced Threat Analytics and Response

STEALTHbits Technologies’ most recent release, StealthDEFEND 2.0, brings with it a whole new suite of advanced threat analytics inside of Active Directory (AD). If you are already a user of StealthDEFEND, you are already aware of the great response and analytics it provides for file system monitoring by leveraging machine learning and user behavior analytics. Now, with StealthDEFEND 2.0, and the expansion into new threats and monitoring capabilities around AD, STEALTHbits Technologies is uniquely positioned to address threat protection for…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.