Browsed by
Author: gabriel-gumbs

Gabriel Gumbs is the VP of Product Strategy at STEALTHbits Technologies responsible for end-to-end product vision and innovation. With a 16 year tenure in CyberSecurity, he has spent most of that time as a security practitioner, aligning security innovations with business objectives for Fortune 100 organizations. Gabriel is an information security thought leader, privacy advocate and public speaker.
ProTip – Protecting Sensitive Data Step-up Authentication

ProTip – Protecting Sensitive Data Step-up Authentication

In prior ProTips we have explored discovering sensitive data throughout the environment, managing access to that data and monitoring it. Today’s ProTip focuses on adding an additional layer of protection that protects sensitive data in the event of a Ransomware outbreak, or compromised credentials being used to steal data. Creating the Investigation First, we create an investigation that looks for users accessing sensitive data. There are several things that happen behind the scenes – first data is discovered, classified and…

Read More Read More

How Threat Analysts have Become Superstitious: Superstition vs. Machine Learning with StealthDEFEND v1.2

How Threat Analysts have Become Superstitious: Superstition vs. Machine Learning with StealthDEFEND v1.2

The American psychologist B. F. Skinner conducted an experiment to examine how superstitions are formed. Using one of his favorite test subjects, pigeons, he observed that the pigeons associated whatever chance actions they had been performing when they were fed. Some of the birds would turn twice, while others would peck three times and they all repeated these behaviors with the expectation that they would be rewarded with food. Traditional cyber security has been suffering from this condition for quite…

Read More Read More

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Those of you that are familiar with STEALTHbits know that protecting credentials is in our DNA – there is no separating credential protection from a sane data protection strategy. The operative word being “sane”. Earlier this year we introduced the first iteration of our Enterprise Password Enforcer, a password policy enforcement tool for Active Directory. In the first release, we focused on creating a solution that was transparent and operationally friendly. It did not require reboots when updating policies or…

Read More Read More

Market Trends: Privileged Access and Insider Threats

Market Trends: Privileged Access and Insider Threats

Halfway through the year, 2018 has seen an increase of insider threats that continue to highlight how privileged access is easily abused for a variety of nefarious activities. Telsa, the electronic car manufacturer, was hit by an insider that used their access to sabotage systems and give away trade secrets. A Punjab National Bank employee gained access to sensitive passwords to the SWIFT interbank transaction system. And in a further abuse of user’s privacy and trust, a member of Facebook’s…

Read More Read More

GDPR–A Crash Course

GDPR–A Crash Course

If you find yourself among the minority that is “ready” I congratulate you, as data privacy will no longer stand still for any of us. And those who find themselves among the majority that is not ready, this is a good time to practice the principle of priority.

Announcing StealthDEFEND 1.1

Announcing StealthDEFEND 1.1

Point releases are not usually a big deal. And while we could have quietly released the latest version of our real-time threat analytics and alerting component of the STEALTHbits’ Data Access Governance suite, the team worked hard to incorporate the feedback we received and make significant strides. The cyber security industry skills gap continues to increase; some, myself included believe that skills are not the only shortage we face. Many security challenges are becoming too complex to solve via traditional…

Read More Read More

2018 Threat Hunting Report

2018 Threat Hunting Report

67% of organizations are not confident in their ability to uncover insider threats? In response to new challenges, threat hunting is a developing security practice that focuses on proactively detecting and isolating advanced threats. Detecting, preventing and mitigating “insider threats” is the most common reason for an organization to have a threat hunting program. However, in practice, what some call an “insider threat,” others may call “internal security monitoring.” Definitions of what an insider threat is can range from internal…

Read More Read More

A Tale of One City – Data Privacy Day

A Tale of One City – Data Privacy Day

Data Privacy Day is among us, and for that matter so is EU GDPR and NYCRR 500. What do these all have in common? Well, privacy. Privacy by design really should be more than just the mantra of GDPR, it needs to become the mantra of everyone handling any type of customer information. I do have hope that it will. How do you achieve privacy by design? EU GDPR along with NYCRR 500 are both privacy-focused regulations and they both…

Read More Read More

Market Trends: Announcing StealthINTERCEPT 5.0 General Availability – With Enterprise Password Enforcer & LSASS Guardian™

Market Trends: Announcing StealthINTERCEPT 5.0 General Availability – With Enterprise Password Enforcer & LSASS Guardian™

Transforming Active Directory Security Five years ago we introduced the StealthINTERCEPT product line, to address the growing requirement for a comprehensive Active Directory change and access monitoring solution. We know that Active Directory is safest when it is clean, properly configured, closely monitored, and tightly controlled – that is exactly what StealthINTERCEPT has been successfully doing for its users. The security implications of a well maintained and monitored AD environment have significantly increased in the years since we first released…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.