Browsed by
Author: jonathan-sander

Jonathan Sander is STEALTHbits’ Chief Technology Officer (CTO). As CTO, he is responsible for driving technical innovation, ensuring that STEALTHbits is well positioned in their current and emerging markets, and he will also lead corporate development efforts. Jonathan also plays the role of evangelist at STEALTHbits venues large and small. Prior to STEALTHbits, Jonathan was VP of Product Strategy for Lieberman Software. As part of Quest Software from 1999 through 2013, he worked with the security and ITSM portfolios. He helped launch Quest’s IAM solutions, directing all business development and product strategy efforts. Previous to that, Mr. Sander was a consultant at Platinum Technology focusing on the security, access control and SSO solutions. He graduated from Fordham University with a degree in Philosophy.
Where Real Organizations Are with EU GDPR 10 Days from Launch

Where Real Organizations Are with EU GDPR 10 Days from Launch

I’m writing this sitting in Germany, having spent one week meeting with customers from the UK, Switzerland, and other places and about to spend another at the Kuppinger Cole EIC Conference. The conference agenda is loaded up with EU GDPR topics, and there will be more to say about that in another post. It was very interesting last week to hear from customers, prospects, and partners where their GDPR efforts are right now. With the May 25th date looming, it would be easy to expect…

Read More Read More

Auditing and Reporting for Box Like Never Before

Auditing and Reporting for Box Like Never Before

Something I say in customer meetings a lot is that unstructured data isn’t glamourous. In a world where people are talking about machine learning, IoT, the latest vulnerabilities and exploits, and other cutting edge stuff, files and folders doesn’t get a lot of air time. If you’re reading this blog, though, you know these uncool bits of data are potentially dangerous and need attention. That leads to an interesting effect in meetings. Often prospects and customers will ask us what…

Read More Read More

Gain System Access and Persistence with SQL Native Attacks – SQL Attacks

Gain System Access and Persistence with SQL Native Attacks – SQL Attacks

What to Do with Your New SQL Kingdom In the last posts, we explored ways to gain access to MS SQL and to extract the data it contains. The fun thing with MS SQL, though, is that is just the start. Every application has a certain amount of access to other resources. Databases generally have a lot of low-level access to system since their whole purpose in life is to optimize access to data. That means augmenting some basic IO…

Read More Read More

Compromise with PowerUpSQL – SQL Attacks

Compromise with PowerUpSQL – SQL Attacks

Completely Owning MS SQL Server If what you’re after is a toolkit to own Microsoft SQL Server from end to end, then what you need is PowerUpSQL. Implemented in PowerShell and as complete as they come, PowerUpSQL has tools to discover, compromise, elevate, target, and own just about any SQL system. It’s the whole kill chain in one tool. Just as I could have run all the initial discovery and compromise through metasploit but chose to break it up, I…

Read More Read More

Finding Microsoft SQL Server Targets – SQL Attacks

Finding Microsoft SQL Server Targets – SQL Attacks

After all the posts about attacking different parts of IT infrastructure, it seems impossible that we have never used nmap as a tool before. Nmap is one of the most reliable and well-known tools of the trade for attackers. More than that, it is used by security pros and IT admins for a huge number of tasks. In their own words, the makers of nmap say it is a “utility for network discovery and security auditing.” I think that sells…

Read More Read More

Attacking Microsoft SQL Server Databases

Attacking Microsoft SQL Server Databases

In the business of selling security solutions, not too long ago the phrase “defense in depth” dominated the messages. It was meant to evoke an image of defending each layer of the IT infrastructure with uniquely suited solutions. Now everyone recognizes that the notions about perimeter defenses are flawed. Real security is built in to everything, not wrapped around it. However, there are many corners of the IT stack that seem to still behave as if security is going to…

Read More Read More

2017 Cybersecurity Recap & 2018 Predictions – Insider Threat Podcast #13

2017 Cybersecurity Recap & 2018 Predictions – Insider Threat Podcast #13

In our thirteenth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing, and Gabriel Gumbs, VP of Product Strategy. We discussed our 2017 Cybersecurity Recap & 2018 Predictions Report, and tried to focus on the prediction part of things since we are at the start of the new year. After a quick look over the shoulder at the trends we spotted in 2017, we move right through…

Read More Read More

2017 Cybersecurity Recap & 2018 Predictions – Insider Threat Podcast #13

2017 Cybersecurity Recap & 2018 Predictions – Insider Threat Podcast #13

In our thirteenth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing, and Gabriel Gumbs, VP of Product Strategy. We discussed our 2017 Cybersecurity Recap & 2018 Predictions Report, and tried to focus on the prediction part of things since we are at the start of the new year. After a quick look over the shoulder at the trends we spotted in 2017, we move right through…

Read More Read More

StealthDEFEND – Insider Threat Podcast #11

StealthDEFEND – Insider Threat Podcast #11

In our eleventh edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing and Dan McLaughlin, Technical Product Manager. Dan & Adam are the dynamic duo that helped usher out our release of StealthDEFEND version 1. StealthDEFEND is our new real-time threat analytics and alerting component of STEALTHbits’ Data Access Governance suite. We discussed ransomware, unsupervised machine learning, and more. Jonathan SanderJonathan Sander is STEALTHbits’ Chief Technology Officer…

Read More Read More

StealthAUDIT 8.1 – Insider Threat Podcast #12

StealthAUDIT 8.1 – Insider Threat Podcast #12

In our twelfth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammate, Adam Laub, the Senior Vice President of Product Marketing. In a reversal of the typical flow of things, Adam had questions for me. With the release of StealthAUDIT 8.1 fast approaching, he wanted to know how some of the headline features fit into the view of the world from an insider threat perspective. 8.1 is a minor release, and, as is usual with a…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.

Privacy Preference Center

Necessary

Advertising

Analytics

Other