Part 5: Do Too Many Users Have Privileged Access Rights?

Part 5: Do Too Many Users Have Privileged Access Rights?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Do Too Many Users Have Privileged Access Rights? Do your users have privileged access rights they don’t need? According to a recent Ponemon report on the State of Data Access Governance, plenty of organizations are granting privileged access rights for “no apparent reason”. Others are even granting privileged access to every user at a certain job level, even if it is not required to do their…

Read More Read More

Best Quest Alternative

Best Quest Alternative

Looking for a Quest Alternative? If you’ve been following STEALTHbits and our achievements in the Active Directory Management and Security space, you know we’ve been on a Quest to become your go-to Active Directory security solution provider and Quest Alternative. At STEALTHbits, we believe customers deserve the most innovative solutions and creative capabilities on the market, as well as a partner who will help you make informed decisions about the solutions you’re investing in. Most importantly, we believe you should…

Read More Read More

Part 4: Are You Securing Active Directory?

Part 4: Are You Securing Active Directory?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Are You Securing Active Directory? As an IT professional, you’ve likely made a number of different investments to protect the data within your organization. In order to help with the provisioning of user access rights, you may have invested in an Identity and Access Management (IAM) solution. You’ve likely adopted a SIEM and Data Loss Prevention (DLP) platform as well. And you should!  These technologies provide…

Read More Read More

The Top 5+1 Things You Should do to Harden Your Active Directory Infrastructure

The Top 5+1 Things You Should do to Harden Your Active Directory Infrastructure

Microsoft Active Directory (AD) is the central credential store for 90% of organizations worldwide.  As the gate keeper to business applications and data, it’s not just everywhere, it’s everything!  Managing AD is an ongoing, never-ending task, and securing it is even harder.  At STEALTHbits, we talk to a lot of customers who are using our tools to manage and secure AD, and over the years, several key strategies for tightening up security and hardening AD to resist attacks have emerged….

Read More Read More

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Those of you that are familiar with STEALTHbits know that protecting credentials is in our DNA – there is no separating credential protection from a sane data protection strategy. The operative word being “sane”. Earlier this year we introduced the first iteration of our Enterprise Password Enforcer, a password policy enforcement tool for Active Directory. In the first release, we focused on creating a solution that was transparent and operationally friendly. It did not require reboots when updating policies or…

Read More Read More

Detecting Pass-the-Hash with Honeypots

Detecting Pass-the-Hash with Honeypots

Credential theft within Windows and Active Directory continues to be one of the most difficult security problems to solve.  This is made clear in the Verizon DBIR where it is reported that the use of stolen credentials is the #1 action identified across data breaches. Microsoft has acknowledged this challenge and responded with a guide on how to mitigate the Pass-the-Hash attack.  They have expanded on their recommendations and outlined steps to set up a tiered Active Directory environment and…

Read More Read More

ProTip: Eliminating Weak Active Directory Passwords

ProTip: Eliminating Weak Active Directory Passwords

Here’s a quick way to identify accounts with bad passwords in your Active Directory (AD). If you’re running StealthAUDIT for Active Directory, this is a very effective yet low-effort way to eliminate compromised passwords from your domain. Finding the bad passwords: From your web browser, click through the report tree down to the Active Directory>Users section. The report you want is called ‘Weak Password Checks.’ One of the checks in this report performs a hash comparison between your AD passwords…

Read More Read More

Key Take Aways from the Ponemon 2018 Cost of Insider Threats Report

Key Take Aways from the Ponemon 2018 Cost of Insider Threats Report

Since 2016 the Ponemon Institute has released a yearly report on the cost of insider threats, and this year’s report covered some statistics that may surprise you. Most people relate to incidents and breaches that originate from outside the organization. Practitioners, however know that they cannot focus only on the outsider threat but also the threat from insiders and how costly it can be. The Ponemon Institute was able to shine some much needed light on the cost occurred by…

Read More Read More

The State of Microsoft Active Directory – Report by Forrester

The State of Microsoft Active Directory – Report by Forrester

Forrester just released The State of Microsoft Active Directory 2018 report by Merritt Maxim, and it’s definitely something that anyone interested in current state of Active Directory (AD) usage and where it’s going should read. Here are some of the key takeaways summarized by the report: Demand for Cloud Based AD is growing. On-prem AD is still dominant in the enterprise, but as cloud deployments of applications and services grow, AD in the cloud is growing with them. If you…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.