Browsed by
Author: Jonathan Sander

Jonathan Sander is STEALTHbits’ Chief Technology Officer (CTO). As CTO, he is responsible for driving technical innovation, ensuring that STEALTHbits is well positioned in their current and emerging markets, and he will also lead corporate development efforts. Jonathan also plays the role of evangelist at STEALTHbits venues large and small. Prior to STEALTHbits, Jonathan was VP of Product Strategy for Lieberman Software. As part of Quest Software from 1999 through 2013, he worked with the security and ITSM portfolios. He helped launch Quest’s IAM solutions, directing all business development and product strategy efforts. Previous to that, Mr. Sander was a consultant at Platinum Technology focusing on the security, access control and SSO solutions. He graduated from Fordham University with a degree in Philosophy.
Prevent Data Theft with File Activity Monitoring

Prevent Data Theft with File Activity Monitoring

Preventing Data Theft with File Activity Monitoring If you ask most folks who pay attention to cybersecurity what the recent big-name breaches and headline-grabbing malware have in common, you would get many answers. Some would say they were next-generation ransomware like NotPetya or WannaCry. Others would say that the HBO and Sony breaches started with a phishing email and ballooned from there. Even more would say that next-generation firewalls should have helped but didn’t. While these are all true, they…

Read More Read More

How Attackers are Stealing your Credentials with Mimikatz – Insider Threat Podcast #6

How Attackers are Stealing your Credentials with Mimikatz – Insider Threat Podcast #6

In our sixth edition of the Insider Threat Podcast, once again we spoke with our resident white hat hacker, Jeff Warren. Jeff has just finished another in our ongoing blog series about insider attacks on Active Directory (AD). This time, the focus was the Mimikatz toolkit and all the ways it’s being used to exploit weaknesses in AD. You can find out more in the main series of blog posts about Mimikatz attacks as well as supplementary posts covering Skeleton…

Read More Read More

Black Hat Roundup – Insider Threat Podcast #5

Black Hat Roundup – Insider Threat Podcast #5

In our fifth edition of the Insider Threat Podcast, we caught up with Gabriel Gumbs who has just spent the week at Black Hat 2017. Gabriel is the STEALTHbits VP of Product Strategy and his mission was to meet with some of our customers and partners at the show as well as bring back any interesting exploits and vulnerabilities that were on display for us to chew on. He certainly found a few. There were, of course, the usual set…

Read More Read More

Active Directory Permissions Attacks – Insider Threat Podcast #4

Active Directory Permissions Attacks – Insider Threat Podcast #4

In our fourth edition of the Insider Threat podcast, we have our favorite guest Jeff Warren on to discuss the latest in the AD attack series of blog posts. These attacks are always fascinating, but this one must be the most interesting yet. These attack vectors are simultaneously obscure and powerful. Most attackers aren’t sophisticated enough to leverage AD permissions in these ways, but those that are rank as the most dangerous. We started with a simple definition of what…

Read More Read More

The Value of the Active Directory Attack Blog Series

The Value of the Active Directory Attack Blog Series

Active Directory Attack Blog Series Spending time with customers in Texas last week left me speechless – literally. One customer asked me a question for which I was not prepared. They have been following our Active Directory attack blog series. They found it very interesting, but they had one major question. Why should they spend so much time thinking about what attackers do? If they spend all your time creating good security programs and practices, isn’t that the best they…

Read More Read More

Understanding the Impact of NYCRR 500

Understanding the Impact of NYCRR 500

In our third edition of the Insider Threat podcast, we turn from the bad guys attacking you to auditors attacking you. That’s a joke, but I know it does reflect the way it can feel sometimes. Many folks will ignore NYCRR 500 because they see “NYC” and think that means it isn’t about them, or they know it is being put out there by the New York State Department of Financial Services (DFS) and think that means it will not…

Read More Read More

NYCRR 500 – Insider Threat Podcast #3

NYCRR 500 – Insider Threat Podcast #3

Cybersecurity thought leader, privacy advocate and public speaker, Gabriel Gumbs talks with host Jonathan Sander about NYCRR 500, the new cybersecurity regulation by the New York State Department of Financial Services (DFS). For more information on NYCRR 500 and how your financial services entity is likely impacted, visit: https://www.stealthbits.com/nycrr-500 Jonathan Sander Jonathan Sander is STEALTHbits’ Chief Technology Officer (CTO). As CTO, he is responsible for driving technical innovation, ensuring that STEALTHbits is well positioned in their current and emerging markets,…

Read More Read More

Podcast: Service Account Attacks & How To Prevent Them

Podcast: Service Account Attacks & How To Prevent Them

Service accounts are under managed and over privileged. Being pushed along by application groups annoyed that they need to deal with any process at all, security or helpdesk folks simply make an account, give it rights, and get it in the hands of the application folks. The application team thinks the account is controlled like any other, but that’s wrong most of the time. The folks in charge of the directories think the application or security team are giving the…

Read More Read More

Service Account Attacks – Insider Threat Podcast #2

Service Account Attacks – Insider Threat Podcast #2

Service accounts are a favorite target of attackers because these accounts give them privileged access to systems, applications and data. Since service accounts do not have strict password reset policies, attackers can exploit them for extended periods of time without being detected. In this podcast, cybersecurity expert Jeff Warren speaks with host Jonathan Sander about four service account attacks and how to protect against them, including preventing attackers from using silver or golden tickets. Jonathan Sander Jonathan Sander is STEALTHbits’…

Read More Read More