Adam Laub Archives | The Insider Threat Security Blog

Monitoring Sensitive Data Activity and Identifying Data Owners

August 28, 2018 Latesha Lynch Comments 0 Comment

If you’ve been following along in this 6-part Checkbox Compliance to True Data Security series, you should have a better understanding of how to locate your data, pinpoint which data is considered sensitive or risky to your organization, and compile a priority list of the sensitive data you’ll want to govern first. You may be thinking that once you’re done with the above it’s time to start making changes to security and locking down the risky data you found, however,…

Read More Read More

Collect and Analyze Relevant Data Points to Assess Risk

August 21, 2018 Latesha Lynch Comments 0 Comment

The goal of the Collect and Analyze phase is to assess relevant data points to answer critical questions like what’s the sensitivity of the data, who has access to it, who owns it, and what’s the age of that data. When you begin to understand the answers to these questions, you can then begin prioritizing the resources that are at most risk and limiting access to them as you work towards achieving a Least Privilege Access model.

Prioritizing Data Access Governance Initiatives Through Discovery

August 14, 2018 Latesha Lynch Comments 0 Comment

Organizations are starting to shift their focus to establish a core set of principles around protecting their data, and they need a blueprint to help them get started. This series serves as the blueprint that will help your organization chart a course to proper data security. The first step in establishing a Data Access Governance program is Discovery.

Moving from Checkbox Compliance to True Data Security

July 10, 2018 Latesha Lynch Comments 0 Comment

Organizations are shifting their focus to a core set of principles around protecting their credentials and data, but they struggle with a starting point. In this 6-part ‘Checkbox Compliance to True Data Security’ blog series, we will provide a foundational blueprint. The series will cover an overview of Data Access Governance (DAG) and introduce the 5 phases that will help shape a true data security program. In an interview with Dark Reading, Brian Christensen, head of global audit for Protiviti…

Read More Read More

How to Secure a File Share in 8 Steps

July 5, 2018 Adam Laub Comments 0 Comment

User access and permissions to data are excessive – especially within network file share infrastructure – due in large part to the highly complex and/or error-prone processes administrators have been forced to navigate over the years. Adding insult to injury, the location of sensitive data within shared file systems is largely unknown in most organizations, which is a problem given this type of data is a target in virtually every breach scenario. Securing a file share isn’t too difficult if…

Read More Read More

STEALTHbits Cyber Kill Chain Attack Catalog: Active Directory Attacks and More

April 5, 2018 Adam Laub Comments 0 Comment

Cyber Attack Reference Guide for Security Practitioners For over a year now, we’ve been documenting all the most common and clever techniques attackers have developed to compromise Active Directory credentials on their way to complete domain dominance. Frustratingly, but not surprisingly, the quantity of attack methods to choose from and the frequency of attack prevalence have only risen over the past 12 months, which got us thinking… How – besides continuing to provide cutting edge solutions for credential and data…

Read More Read More

3 Zero-Cost Tactics That Make it Difficult for Attackers to Move Laterally

February 2, 2018 Adam Laub Comments 0 Comment

Trying to Prevent Lateral Movement on a Budget? They say the best things in life are free. And whether you believe it or not, it’s got to be true at least every once in a while, right? Well, when it comes to securing your credentials and data, there are in fact a number of things you can do that are not only highly effective, but cost conscious. Not to oversimplify some otherwise complex concepts and subjects, there are three things…

Read More Read More

StealthAUDIT 8.1 – Insider Threat Podcast #12

December 13, 2017 Jonathan Sander Comments 0 Comment

In our twelfth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammate, Adam Laub, the Senior Vice President of Product Marketing. In a reversal of the typical flow of things, Adam had questions for me. With the release of StealthAUDIT 8.1 fast approaching, he wanted to know how some of the headline features fit into the view of the world from an insider threat perspective. 8.1 is a minor release, and, as is usual with a…

Read More Read More

StealthDEFEND – Insider Threat Podcast #11

November 28, 2017 Jonathan Sander Comments 0 Comment

In our eleventh edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing and Dan McLaughlin, Technical Product Manager. Dan and Adam are the dynamic duo that helped usher out our release of StealthDEFEND version 1. StealthDEFEND is our new real-time threat analytics and alerting component of STEALTHbits’ Data Access Governance suite. Focused on file activity, important contextual elements like data sensitivity, and the actual attack methods leveraged…

Read More Read More

STEALTHbits at Microsoft Ignite 2017 – Insider Threat Podcast #8

October 4, 2017 Jonathan Sander Comments 0 Comment

In our eight edition of the Insider Threat Podcast, we spoke with the most senior member of the STEALTHbits team, Adam Laub. Adam had just been to the Microsoft Ignite conference and brought us some insight into what the pulse of the show was. We brought our new focus on Threat Protection to the show in a big way. People’s reactions were very positive. We had more people stopping by and spending time with us than ever before. Of course,…

Read More Read More