Browsed by
Author: Darin Pendergraft

As the VP of Product Marketing, Darin is responsible for product messaging and positioning as well as generating industry and market awareness for STEALTHbits products.  He is an experienced leader who has worked in software for over 21 years. Prior to joining STEALTHbits, he was VP of Marketing for Quorum and SecureAuth, and has held positions in product management & product marketing at Oracle, and Quest Software.
Best Practices for Storage Reclamation – Part 3 of 3

Best Practices for Storage Reclamation – Part 3 of 3

In parts 1 and 2 of this blog series, we introduced the key elements of a storage reclamation program and dove deeply into 5 key capabilities that would be needed.  In this last blog, we pull all of the guidance together and wrap up the discussion. Putting It All Together With the five key capabilities addressed in the earlier blogs, any organization can be prepared to put together a comprehensive file cleanup workflow.  While no two organizations are alike, a…

Read More Read More

Best Practices for Storage Reclamation – Part 2 of 3

Best Practices for Storage Reclamation – Part 2 of 3

In part 1 of this series, we explained that there are 5 key capabilities needed for a successful file cleanup project, and discussed Capability 1 – File Discovery, and 2 – Sensitive data discovery.  In this second blog we pick up the discussion with Capability 3 – Activity and File Usage. Capability 3 – Activity and File Usage Understanding who is actively using files on file servers can offer tremendous insight into how to approach a cleanup effort.  By monitoring…

Read More Read More

Best Practices for Storage Reclamation – Part 1 of 3

Best Practices for Storage Reclamation – Part 1 of 3

Data Access Governance (DAG) has many different types of use cases, with most falling into three main categories: data security, regulatory compliance, and operational efficiency.  There has been a lot written about security due to the increasing frequency of ransomware attacks, and a lot is being written about compliance, most recently around privacy – but we haven’t talked much about the operational efficiency use case. A good DAG program allows organizations to manage more data with fewer people and to…

Read More Read More

What is Unstructured Data?

What is Unstructured Data?

Data is what drives business, and businesses are generating and consuming more data all of the time. The explosion of collaboration tools and big data analytics has only accelerated the desire for more employees to share more data across the enterprise. So it’s no surprise to IT teams that we are being asked to retain more data, of all types, make it freely available to employees in different departments and with outside business partners and, oh yeah, secure it all,…

Read More Read More

Impressions from RSA 2019

Impressions from RSA 2019

This year’s RSA convention was a riot of sights and sounds with a lot of familiar faces, mega-booths with flashy giveaways, as well as some new/old companies in the form of recently acquired or merged organizations. There were the familiar topics of security analytics, security as a service, and advanced threat detection, but on the surface, it is difficult to pick out any obvious new trends. After thinking back about everything I saw, I have decided that the one common…

Read More Read More

Taking a Data Centric Audit and Protection (DCAP) Approach Avoids the Weaknesses of a Siloed Data Security Strategy

Taking a Data Centric Audit and Protection (DCAP) Approach Avoids the Weaknesses of a Siloed Data Security Strategy

Data Centric Audit and Protection (DCAP) is a term defined by Gartner back in 2017 in response to the weaknesses of the Data Security Governance practices at the time. At that time, data protection strategies focused on the security of the application, or storage system that contained the data. This focus led to a variety of technology-specific security tools which tended to be owned and managed by different teams within IT. This siloed approach to data security worked well as…

Read More Read More

Unconstrained Delegation Exploit

Unconstrained Delegation Exploit

Microsoft released another security advisory today that affects Active Directory security. Similar to the Exchange advisory, this is coming from research done by third-party security researchers.  Here is the original post explaining the exploit. In addition, a more detailed explanation of the conditions and setting necessary for this attack to occur was posted by Roberto Rodriguez, a colleague of harmj0y’s at Specterops: Hunting in Active Directory: Unconstrained Delegation & Forests Trusts Microsoft was first notified of this attack back in October…

Read More Read More

New Exchange Authentication Vulnerability uses AD Admin to Gain Privileges

New Exchange Authentication Vulnerability uses AD Admin to Gain Privileges

STEALTHbits mitigates a new vulnerability that uses Exchange Authentication to gain AD Admin privileges A new attack has been posted by Dirk-jan Mollemma, an independent security researcher that exploits how Exchange uses NTLM over HTTP to authenticate to the Active Directory Domain. Read the complete details. This attack combines known vulnerabilities in a new way to achieve privilege escalation that can be used to attack AD. Here is how the attack works. An attacker sends a request to Exchange that causes…

Read More Read More

How STEALTHbits Helps Our Customers Comply With The CDM Program Guidelines

How STEALTHbits Helps Our Customers Comply With The CDM Program Guidelines

Continuous Diagnostic and Mitigation (CDM) Guidelines, Programs, and More Continuous Diagnostics and Mitigation (CDM) Program is a dynamic approach to fortifying the cybersecurity of government networks and systems. The CDM Program provides DHS, along with Federal Agencies with capabilities and tools and identify cybersecurity risks on an ongoing basis, prioritize these risks based on potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first. Congress established the CDM program to provide adequate, risk-based, and cost-effective cybersecurity and…

Read More Read More

Announcing StealthAUDIT 8.2 General Availability

Announcing StealthAUDIT 8.2 General Availability

Back at the end of October, we gave you a sneak peek at the new features coming in StealthAUDIT 8.2, and now you can see it for yourself!  8.2 is now on our website so you can go have a look for yourself at https://www.stealthbits.com/new-stealthaudit-release. StealthAUDIT 8.2 has the following new features and enhancements: Expanded Sensitive Data Discovery capabilities and platform support Support for Nasuni UniFS Hybrid NAS storage Enhanced support for Dropbox Business to include Sensitive Data Discovery Sensitive…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.

Privacy Preference Center

      Necessary

      Advertising

      Analytics

      Other