Browsed by
Author: stealthbits-technologies

Best Quest Alternative

Best Quest Alternative

Looking for a Quest Alternative? If you’ve been following STEALTHbits and our achievements in the Active Directory Management and Security space, you know we’ve been on a Quest to become your go-to Active Directory security solution provider and Quest Alternative. At STEALTHbits, we believe customers deserve the most innovative solutions and creative capabilities on the market, as well as a partner who will help you make informed decisions about the solutions you’re investing in. Most importantly, we believe you should…

Read More Read More

Top 10 Ways to Identify and Detect Privileged Users by Randy Franklin Smith

Top 10 Ways to Identify and Detect Privileged Users by Randy Franklin Smith

Privileged users are the penultimate goal of cyberattacks. Once attackers have privileged access, it’s only a small step to the information they want to steal. Cybercriminals leverage tools such as malware and phishing scams to gain a foothold within your organization, looking for ways to access and utilize credentials. In “wash, rinse, repeat” fashion, attackers patiently claw and scrape their way from first gaining access to a low-level local account all the way up to getting the highest privileged accounts…

Read More Read More

Active Directory Domain Consolidations and Migration

Active Directory Domain Consolidations and Migration

You may have heard us discuss Active Directory domain consolidations or domain migrations in the past but there’s been significant recent progress in how we approach large consolidation projects. We call it Active Directory Unification and we’ve built new out of the box intelligence into our existing product set. It’s not just about getting from point A to point B. When you’re going domain consolidation ratio is in the neighborhood of 100:1 (or even 10:1), you’d better make sure you…

Read More Read More

The File System, Active Directory, Real-Time Changes, and You

The File System, Active Directory, Real-Time Changes, and You

GPOs are a bit of a strange beast. They exist in two worlds – the file system, and active directory – and they affect many more. Sort of like a platypus – a poisonous mammal that lays eggs and has a duck-bill, a beaver tail, and the feet of an otter – the GPO has the characteristics of both files and AD objects while affecting security, the registry, applications, and many other parts of your forest. And that makes it…

Read More Read More

SANS Top 20 Critical Security Controls

SANS Top 20 Critical Security Controls

Information security is complex to say the least. It can feel overwhelming for security professionals as we get our heads around all of the issues and approaches to protecting data. Many of the frameworks out there (NIST, ISO, COBIT/COSO, etc.) may help as part of a long term strategic approach, but they don’t make life much easier in the short term. It’s often a six month project just to figure out what they’re talking about. The SANS Institute has developed…

Read More Read More

Dynamic Access Control

Dynamic Access Control

Windows 8/2012, DAC, and you TechEd has come and gone, but it seems we can’t quite shake off all the buzz. Some of the things that we saw at TechEd are still making us go “hmmmmmmm”. One of those things is Dy namic Access Control. At TechEd, Microsoft unveiled a new system of controlling access, and it’s both more powerful, and potentially more complicated than anything we’ve seen before. You can find a good primer here: https://technet.microsoft.com/en-us/video/dynamic-access-control-demo-walkthrough.aspx The part of…

Read More Read More

AD Change Happens on DCs

AD Change Happens on DCs

Change Happens. Users come and go, their properties change, policy needs are revised, and groups have their memberships updated. Changes are made all over your organization, and they eventually find their way to your Domain Controllers where objects are modified and the changes replicate throughout your organization. Keeping tabs on all of these changes is a tricky proposition, but it’s our job to make it simple here at STEALTHbits. We all know that changes actually happen on DCs, and when…

Read More Read More

Data & Access Governance for the Masses (of servers)

Data & Access Governance for the Masses (of servers)

We’ve been building and perfecting our solution for data and access governance over the past few years and we’ve learned that two of the biggest considerations for data governance solutions are (1) Scalability and (2) Coverage. Scalability Scalability is critical. Any solution that attempts to scan a server will take some amount of time depending on how big the server is and how deep the scan goes. We can’t control the number of servers or the fact that scanners take…

Read More Read More

Open File Shares: A Pragmatic Approach

Open File Shares: A Pragmatic Approach

A number of STEALTHbits’ customers have reported that their #1 audit challenge boils down to open file shares. Auditors are clearly concerned with access and while it’s difficult to understand access rights across millions of individual files, it’s immediately apparent when there are file shares that are open to anyone. But, how do you approach a problem that spans across thousands of servers? Do you implement a monitoring solution for three months? Manually sift through each one? Well, you could…

Read More Read More

File Share Entitlement Review: Finding the Owner

File Share Entitlement Review: Finding the Owner

One thing top of mind for information security professionals is understanding who has access to what and being able to provide clear, concise reporting around it. We call it Access Governance or Data Governance and it consists of entitlement reviews, access reviews, or audit reporting. The terms overlap and the complete superset of product features around this challenge can seem overwhelming and difficult to comprehend. At STEALTHbits, we simplify things. We’ve developed quick-win solutions that get you from where you…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.