ProTip – Enterprise Password Enforcer Complex Policies

ProTip – Enterprise Password Enforcer Complex Policies

StealthINTERCEPT Enterprise Password Enforcer Safeguards from Authentication-Based Attacks Using a curated dictionary of known compromised passwords and dozens of password filters, StealthINTERCEPT Enterprise Password Enforcer (EPE) safeguards your organization from authentication-based attacks. This is accomplished by proactively preventing these weak and compromised passwords from being used – regardless of whether or not they meet complexity requirements – further enforcing password hygiene and reducing the opportunity for attackers to crack or guess passwords in automated or manual fashions.     Our…

Read More Read More

ProTip – Gain Visibility into How Users Access Unstructured Data

ProTip – Gain Visibility into How Users Access Unstructured Data

Gain Visibility – How are Users Accessing Your Unstructured Data? Recently, STEALTHbits Technologies partnered with the Ponemon Institute to create a report on “The 2018 Study on the State of Data Access Governance”. The report highlighted and outlined the current state of Data Access Governance (DAG) in organizations, as well as the effect that it could have to reduce risk of exposure of confidential data. The findings are very interesting and I personally suggest you give it a read to…

Read More Read More

ProTip – Protecting Sensitive Data Step-up Authentication

ProTip – Protecting Sensitive Data Step-up Authentication

In prior ProTips we have explored discovering sensitive data throughout the environment, managing access to that data and monitoring it. Today’s ProTip focuses on adding an additional layer of protection that protects sensitive data in the event of a Ransomware outbreak, or compromised credentials being used to steal data. Creating the Investigation First, we create an investigation that looks for users accessing sensitive data. There are several things that happen behind the scenes – first data is discovered, classified and…

Read More Read More

ProTip: Eliminating Weak Active Directory Passwords

ProTip: Eliminating Weak Active Directory Passwords

Here’s a quick way to identify accounts with bad passwords in your Active Directory (AD). If you’re running StealthAUDIT for Active Directory, this is a very effective yet low-effort way to eliminate compromised passwords from your domain. Finding the bad passwords: From your web browser, click through the report tree down to the Active Directory>Users section. The report you want is called ‘Weak Password Checks.’ One of the checks in this report performs a hash comparison between your AD passwords…

Read More Read More

ProTip: Make Use of the New Features in STEALTHbits Activity Monitor 3.0

ProTip: Make Use of the New Features in STEALTHbits Activity Monitor 3.0

The release of the highly anticipated STEALTHbits Activity Monitor 3.0 brings some new and innovate features and functionality, which users will appreciate. The addition of SharePoint activity support will instantly add value to existing SharePoint solutions through the receiving of activity information in StealthAUDIT reports along with the ability to send real-time SharePoint events over to a SIEM device. Also included in the STEALTHbits Activity Monitor 3.0 release is support for Nasuni monitoring, which joins an extensive list of supported…

Read More Read More

Configure Criteria to Meet Compliance Standards

Configure Criteria to Meet Compliance Standards

Now that EU GDPR has arrived, it is important to understand how to configure groups of criteria to the compliance standards your organization is concerned about most. StealthAUDIT’s Sensitive Data Discovery allows you to identify file content that matches your set criteria. This can be done for keywords or regular expressions, as well as groups of any of those criteria sets. The configuration for this is found within the Criteria Editor. To get there navigate the Job Tree to the…

Read More Read More

ProTip: How to Utilize the New Investigate Feature in StealthDEFEND 1.1

ProTip: How to Utilize the New Investigate Feature in StealthDEFEND 1.1

The latest release of StealthDEFEND 1.1 brings us a new highly anticipated feature, Investigations. This brings a new custom experience to the threats and alerts you see in the product by allowing you to define your own threats by specifying the: who, what, where, and when. By navigating to the “Investigate” page in the menu, you are presented with the file activity events for the current day along with the top hosts, top users, and event details. I really like utilizing…

Read More Read More

ProTip: StealthINTERCEPT Health Monitoring

ProTip: StealthINTERCEPT Health Monitoring

StealthINTERCEPT provides great threat hunting capabilities, so naturally, the health of our systems is paramount.  StealthINTERCEPT Health Alerts give us the information we need to ensure we keep getting the data we care about. Agent connectivity is my main concern, although SI Agents will cache a fair amount of events, I want to get them communicating again ASAP to prevent any delay in my security awareness.  Our first step is to navigate to our alerts controls located in the top…

Read More Read More

ProTip: StealthAUDIT Data Views for SQL Sensitive Criteria Matches

ProTip: StealthAUDIT Data Views for SQL Sensitive Criteria Matches

With our focus on SQL Attacks this month, I naturally think about what data is being attacked as well.  StealthAUDIT’s SQL Solution Set can show us a lot of valuable information but collects even more than what immediately shows. StealthAUDIT Data Views are my go-to tool when I want advanced manipulation of data for an export.  Some of these are immediately available, and others must be “turned on” for viewing in the job tree. First, an analysis must be configured;…

Read More Read More

STEALTHbits ProTip: Advanced StealthINTERCEPT Alerting

STEALTHbits ProTip: Advanced StealthINTERCEPT Alerting

With each iteration, StealthINTERCEPT shows more value to our customers. StealthINTERCEPT 5.0’s AD Security focused data means alerting will become even more essential, and those alerts should contain what’s important to you.  Let’s take a moment to learn how your organization can configure and benefit from StealthINTERCEPT 5.0 Notifications. First, navigate to the Alerts section found under Configuration > Alerts:   Once in the System Alerts section, click on the Email tab and toggle the slider in the top right…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.