Browsed by
Category: STEALTHbits ProTip

Protip: How to Use the STEALTHbits Privileged Activity Manager for Delegated Access to Active Directory

Protip: How to Use the STEALTHbits Privileged Activity Manager for Delegated Access to Active Directory

Oftentimes, helpdesk operators are given access to accounts with privileges covering a broad range of tasks. A better approach is to apply delegated permissions for the specific task in hand, and then to remove those privileges once the action has been completed. STEALTHbits Privileged Activity Manager (SbPAM) can allow AD rights to be dynamically added to a helpdesk operator account at the point it is required. To do this you will need to create a new Activity. Step 1) Create…

Read More Read More

ProTip: Using the AIC to Identify Employees Attempting to Access Data They Shouldn’t Be

ProTip: Using the AIC to Identify Employees Attempting to Access Data They Shouldn’t Be

Breaches are an everyday occurrence. IT security professionals work tirelessly to protect against attackers penetrating their organization’s IT infrastructure, but what about the malicious insider? Do you ever wonder if users in your organization are poking around where they shouldn’t be? An easy way to investigate, using out-of-the-box capabilities aligned with StealthAUDIT 9.0 and our Access Information Center (AIC), is to leverage the activity information available via STEALTHbits Technologies: Step 1) Select any “sensitive” folder (for example HR or Finance)…

Read More Read More

ProTip: Utilizing the New Active Directory Activity Reporting in StealthAUDIT 9.0

ProTip: Utilizing the New Active Directory Activity Reporting in StealthAUDIT 9.0

The recent release of StealthAUDIT 9.0 brings a lot of new features and exciting improvements.  Among them, include enhancements and capabilities aligning to our Active Directory (AD) & Azure, Box, Dropbox, Exchange, File Systems, SharePoint, and Windows modules. We even introduced a new module for Oracle database auditing and compliance reporting which is very exciting for our users, enabling them to understand permissions, activity events, sensitive data and configuration related information within those environments. One of the more exciting features,…

Read More Read More

ProTip: LDAP Reconnaissance

ProTip: LDAP Reconnaissance

The start of Active Directory attacks, like LDAP Reconnaissance, involves finding vulnerabilities on a network and grabbing “intel” about sensitive accounts like Domain, Enterprise, and Schema Admins. After an attacker initially compromises a system on a network, they will pretty much have no privileges in the domain. This leaves an attacker hungry for more, and with the way Active Directory is designed, they can query objects inside a directory pretty easily. LDAP queries are key in an attacker gaining this…

Read More Read More

ProTip – Active Directory Advanced Threat Analytics and Response

ProTip – Active Directory Advanced Threat Analytics and Response

STEALTHbits Technologies’ most recent release, StealthDEFEND 2.0, brings with it a whole new suite of advanced threat analytics inside of Active Directory (AD). If you are already a user of StealthDEFEND, you are already aware of the great response and analytics it provides for file system monitoring by leveraging machine learning and user behavior analytics. Now, with StealthDEFEND 2.0, and the expansion into new threats and monitoring capabilities around AD, STEALTHbits Technologies is uniquely positioned to address threat protection for…

Read More Read More

ProTip – Adding Real-Time Analytics to GDPR

ProTip – Adding Real-Time Analytics to GDPR

We recently released our “5 Cybersecurity Trends for 2019” covering a few of our technical experts’ opinions here at STEALTHbits. One trend is specifically around GDPR fines causing organizations to finally get serious about GDPR compliance this year. In this edition of our ProTip, I will walk you through how you can add in StealthAUDIT’s real-time analytics to Active Directory and File System data to enable reporting for these regulations. Our Vice President of Product Strategy, Ryan Tully, shed some…

Read More Read More

ProTip – Enterprise Password Enforcer Complex Policies

ProTip – Enterprise Password Enforcer Complex Policies

StealthINTERCEPT Enterprise Password Enforcer Safeguards from Authentication-Based Attacks Using a curated dictionary of known compromised passwords and dozens of password filters, StealthINTERCEPT Enterprise Password Enforcer (EPE) safeguards your organization from authentication-based attacks. This is accomplished by proactively preventing these weak and compromised passwords from being used – regardless of whether or not they meet complexity requirements – further enforcing password hygiene and reducing the opportunity for attackers to crack or guess passwords in automated or manual fashions.     Our…

Read More Read More

ProTip – Gain Visibility into How Users Access Unstructured Data

ProTip – Gain Visibility into How Users Access Unstructured Data

Gain Visibility – How are Users Accessing Your Unstructured Data? Recently, STEALTHbits Technologies partnered with the Ponemon Institute to create a report on “The 2018 Study on the State of Data Access Governance”. The report highlighted and outlined the current state of Data Access Governance (DAG) in organizations, as well as the effect that it could have to reduce risk of exposure of confidential data. The findings are very interesting and I personally suggest you give it a read to…

Read More Read More

ProTip – Protecting Sensitive Data Step-up Authentication

ProTip – Protecting Sensitive Data Step-up Authentication

In prior ProTips we have explored discovering sensitive data throughout the environment, managing access to that data and monitoring it. Today’s ProTip focuses on adding an additional layer of protection that protects sensitive data in the event of a Ransomware outbreak, or compromised credentials being used to steal data. Creating the Investigation First, we create an investigation that looks for users accessing sensitive data. There are several things that happen behind the scenes – first data is discovered, classified and…

Read More Read More

ProTip: Eliminating Weak Active Directory Passwords

ProTip: Eliminating Weak Active Directory Passwords

Here’s a quick way to identify accounts with bad passwords in your Active Directory (AD). If you’re running StealthAUDIT for Active Directory, this is a very effective yet low-effort way to eliminate compromised passwords from your domain. Finding the bad passwords: From your web browser, click through the report tree down to the Active Directory>Users section. The report you want is called ‘Weak Password Checks.’ One of the checks in this report performs a hash comparison between your AD passwords…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.