Browsed by
Author: Brad Bussie

Brad Bussie is an award winning fifteen year veteran of the information security industry. He holds an undergraduate degree in information systems security and an MBA in technology management. Brad possesses premier certifications from multiple vendors, including the CISSP from ISC2. He has a deep background architecting solutions for identity management, governance, recovery, migration, audit, and compliance. Brad has spoken at industry events around the globe and has helped commercial, federal, intelligence, and DoD customers solve complex security issues.
StealthRECOVER Now Available for Active Directory Rollback and Recovery

StealthRECOVER Now Available for Active Directory Rollback and Recovery

AD Rollback and Recovery When I worked as an Active Directory (AD) Architect for over a decade, one of the most challenging tasks I experienced was the inability to easily and safely undo the mistakes administrators and I made. While Microsoft does provide some capabilities for recovering deleted objects with the AD recycle bin, it still does not offer an easy way to rollback and recover from other changes, including rolling back attribute changes for a user or group. For…

Read More Read More

Market Trends: AD Security Assessment and Rollback and Recovery

Market Trends: AD Security Assessment and Rollback and Recovery

AD Security Assessment Active Directory security is a hot topic. Some security professionals have made their living by uncovering vulnerabilities in directory services. Take for instance, Sean Metcalf at ADSecurity.org. He has an entire blog focused on Active Directory security. What tends to be lacking, however, is an easy-to-follow Security Assessment that highlights critical areas of concern in a Microsoft Active Directory and Windows environment. Most organizations aren’t aware they even have a problem—as issues in their directory and server…

Read More Read More

Market Trends: 2017 Cybersecurity Trends

Market Trends: 2017 Cybersecurity Trends

2017 – A New Hope Protecting your company in 2017 should start from the inside out. Organizations have spent the last decade securing the perimeter from external threats with a fair amount of success. However, in the last couple years one of the most serious threats to cybersecurity stepped to the fore: the Insider.  StaySafeOnline.org recently highlighted the importance of training more of your employees to become security aware. The idea is to have many eyes focused on securing an…

Read More Read More

Market Trends: Don’t Be Your Own Worst Enemy

Market Trends: Don’t Be Your Own Worst Enemy

The year 2016 is being called the Year of the Breach. A recent study by the Ponemon Institute shows that two-thirds of organizations affected by a cyber breach are unable to recover from the attack. Imagine these organizations – so many of them – ceasing to operate one by one as wanton and malicious cyber-attacks damage their critical infrastructure, reveal operational strategies or trade secrets to competitors, or even taint the public’s perception of an entire brand! Of course it’s…

Read More Read More

StealthAUDIT Feature Pack: Best Practice Reports Now Available for Active Directory, Desktop and Server Infrastructure

StealthAUDIT Feature Pack: Best Practice Reports Now Available for Active Directory, Desktop and Server Infrastructure

StealthAUDIT is offering an exciting update on Wednesday with its first official Feature Pack. In this first feature pack, we are focusing on Active Directory and Systems Best Practices for Security and Operations. Let’s look at each in more detail. Active Directory Best Practices Active Directory (AD) provides authentication and authorization services for the majority of IT systems. AD is growing increasingly complex, less secure, and more difficult to manage. StealthAUDIT for Active Directory is an auditing, compliance, and governance…

Read More Read More

Operations and Security: An Amicable Separation?

Operations and Security: An Amicable Separation?

Active Directory Operations and Security As the primary authentication and authorization service for the majority of IT systems, the importance of Microsoft’s Active Directory (AD) cannot be understated. Over time, AD has grown increasingly complex, less secure, and more difficult to manage, resulting in a growing problem for organizations large and small. Given its importance, AD is often viewed from two main perspectives: operations and security. Operations The ultimate goal of an AD operations assessment is to determine what your…

Read More Read More

Discovering Privileged Accounts and What They Can Do

Discovering Privileged Accounts and What They Can Do

Can They Access Sensitive Data? Businesses are facing unique challenges related to “privileged accounts,” accounts that are built into applications or systems with privileges that normal users do not have. Privileged accounts can also be created by administrators to manage specific applications, run services, execute tasks, and control file systems. Such privileged accounts are necessary for day-to-day operations in environments containing Windows domain-joined systems, standalone Windows machines, and UNIX or Linux infrastructure.  These accounts become of particular importance when they…

Read More Read More

Comprehensive Auditing and Protection For Group Policy Objects

Comprehensive Auditing and Protection For Group Policy Objects

Group Policy is a native Microsoft technology. It allows organizations running Active Directory to centrally control and configure both user and computer settings to domain-joined machines. Group Policy allows administrators to make sweeping changes to all aspects of connected operating systems, including the Registry, for example. When implemented properly, this technology simplifies overall operating system configuration, patching, software deployment, and security. When implemented improperly, Group Policy is a nightmare for administrators and the security practitioners charged with measuring its effectiveness. What…

Read More Read More

Market Trends: Key Findings From The Verizon DBIR

Market Trends: Key Findings From The Verizon DBIR

The 2016 Verizon DBIR is an all-encompassing look at a years’ worth of cyber related attacks. The most compelling statistic from the 2016 report states that in 93% of cases it only took an attacker minutes to compromise systems and networks, but weeks or months for the affected company to even realize that an incident had occurred. What does this say about our detection and mitigation strategies as an industry? What we do know is that attackers typically exploit the…

Read More Read More

The Mossack Fonseca “Panama Papers” – Our Take

The Mossack Fonseca “Panama Papers” – Our Take

Several lessons can be learned from the spotlight that has been turned on Mossack Fonseca. For those of you just coming up to speed on “The Panama Papers”, Mossack Fonseca became a victim of a massive data breach. I use the term victim with a grain of salt as what the papers actually revealed about the global rich, privileged, and powerful is up for discussion. The lessons learned span two key areas of how the breach occurred and what could…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.