New – Purpose-Built Active Directory Threat Detection & Response Platform

New – Purpose-Built Active Directory Threat Detection & Response Platform

Active Directory has always been at the center of it all, but with the advent of highly powerful, incredibly clever tools like Mimikatz, BloodHound, CrackMapExec, and the like, Active Directory has now become the center of attention. Since 2005, STEALTHbits has been providing organizations of all sizes the best products and tools available to understand, manage, and secure their increasingly complex, ever-changing, ever-growing Active Directory environments.  Now in 2019, at precisely the time its needed most, we’re both proud and…

Read More Read More

Introduction to Active Directory Backup and Recovery

Introduction to Active Directory Backup and Recovery

When I was a little kid, I knew what I wanted to be when I grew up. No, not an astronaut. Definitely not a doctor or a lawyer. When I grew up, I wanted to be the Product Manager of an Active Directory backup and recovery tool. Just kidding. I’m pretty sure I wanted to be a Transformer. Now that I’m grown up older and not a Transformer, I’ve been tasked with writing a series of blog posts which explain…

Read More Read More

How to Detect Pass-the-Hash Attacks

How to Detect Pass-the-Hash Attacks

This is the first in a 3-part blog series, that will be followed by a webinar February 28th. Lateral movement techniques are one of the most common approaches attackers can use to infiltrate your network and obtain privileged access to your credentials and data. This has been seen recently with modern ransomware such as SamSam and Ryuk. We’ve looked recently at how to detect pass-the-hash attacks using honeypots and in doing research into the most effective ways to detect this type…

Read More Read More

New Exchange Authentication Vulnerability uses AD Admin to Gain Privileges

New Exchange Authentication Vulnerability uses AD Admin to Gain Privileges

STEALTHbits mitigates a new vulnerability that uses Exchange Authentication to gain AD Admin privileges A new attack has been posted by Dirk-jan Mollemma, an independent security researcher that exploits how Exchange uses NTLM over HTTP to authenticate to the Active Directory Domain. Read the complete details. This attack combines known vulnerabilities in a new way to achieve privilege escalation that can be used to attack AD. Here is how the attack works. An attacker sends a request to Exchange that causes…

Read More Read More

Part 5: Do Too Many Users Have Privileged Access Rights?

Part 5: Do Too Many Users Have Privileged Access Rights?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Do Too Many Users Have Privileged Access Rights? Do your users have privileged access rights they don’t need? According to a recent Ponemon report on the State of Data Access Governance, plenty of organizations are granting privileged access rights for “no apparent reason”. Others are even granting privileged access to every user at a certain job level, even if it is not required to do their…

Read More Read More

Best Quest Alternative

Best Quest Alternative

Looking for a Quest Alternative? If you’ve been following STEALTHbits and our achievements in the Active Directory Management and Security space, you know we’ve been on a Quest to become your go-to Active Directory security solution provider and Quest Alternative. At STEALTHbits, we believe customers deserve the most innovative solutions and creative capabilities on the market, as well as a partner who will help you make informed decisions about the solutions you’re investing in. Most importantly, we believe you should…

Read More Read More

Part 4: Are You Securing Active Directory?

Part 4: Are You Securing Active Directory?

What Keeps You Up at Night? Insights from a Ponemon Data Access Governance Study: Are You Securing Active Directory? As an IT professional, you’ve likely made a number of different investments to protect the data within your organization. In order to help with the provisioning of user access rights, you may have invested in an Identity and Access Management (IAM) solution. You’ve likely adopted a SIEM and Data Loss Prevention (DLP) platform as well. And you should!  These technologies provide…

Read More Read More

The Top 5+1 Things You Should do to Harden Your Active Directory Infrastructure

The Top 5+1 Things You Should do to Harden Your Active Directory Infrastructure

Microsoft Active Directory (AD) is the central credential store for 90% of organizations worldwide.  As the gate keeper to business applications and data, it’s not just everywhere, it’s everything!  Managing AD is an ongoing, never-ending task, and securing it is even harder.  At STEALTHbits, we talk to a lot of customers who are using our tools to manage and secure AD, and over the years, several key strategies for tightening up security and hardening AD to resist attacks have emerged….

Read More Read More

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Authentication Attacks Have You Worried? Me Too… Introducing StealthINTERCEPT 5.2

Those of you that are familiar with STEALTHbits know that protecting credentials is in our DNA – there is no separating credential protection from a sane data protection strategy. The operative word being “sane”. Earlier this year we introduced the first iteration of our Enterprise Password Enforcer, a password policy enforcement tool for Active Directory. In the first release, we focused on creating a solution that was transparent and operationally friendly. It did not require reboots when updating policies or…

Read More Read More

Detecting Pass-the-Hash with Honeypots

Detecting Pass-the-Hash with Honeypots

Credential theft within Windows and Active Directory continues to be one of the most difficult security problems to solve.  This is made clear in the Verizon DBIR where it is reported that the use of stolen credentials is the #1 action identified across data breaches. Microsoft has acknowledged this challenge and responded with a guide on how to mitigate the Pass-the-Hash attack.  They have expanded on their recommendations and outlined steps to set up a tiered Active Directory environment and…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.