Governing Data Access to Meet Security, Compliance and Operational Standards

Governing Data Access to Meet Security, Compliance and Operational Standards

Part 6: Governing Data Access to Meet Security, Compliance and Operational Standards In this 6th and final post of our “Moving from Checkbox Compliance to True Data Security” blog series, we’re going to see how all the work we’ve done in discovering where our data lives, collecting and analyzing relevant information about our data, monitoring activity, and restructuring access rights will pay off in a major way. As you’ve likely gathered already, “Governance” is a pretty important component of a…

Read More Read More

Restructuring Permissions to Achieve a Least Privilege Access Model

Restructuring Permissions to Achieve a Least Privilege Access Model

Part 5: Restructuring Permissions to Achieve a Least Privilege Access Model In part 4 of this 6-part blog series, ‘Moving from Checkbox Compliance to True Data Security,’ we discussed why it’s important to monitor file share activity before you begin to take any action so you can get a full understanding of: Who is leveraging their access privileges What types of operations each user performs Who is creating or contributing the most amount of content If you’ve completed that step and…

Read More Read More

How Threat Analysts have Become Superstitious: Superstition vs. Machine Learning with StealthDEFEND v1.2

How Threat Analysts have Become Superstitious: Superstition vs. Machine Learning with StealthDEFEND v1.2

The American psychologist B. F. Skinner conducted an experiment to examine how superstitions are formed. Using one of his favorite test subjects, pigeons, he observed that the pigeons associated whatever chance actions they had been performing when they were fed. Some of the birds would turn twice, while others would peck three times and they all repeated these behaviors with the expectation that they would be rewarded with food. Traditional cyber security has been suffering from this condition for quite…

Read More Read More

Prioritizing Data Access Governance Initiatives Through Discovery

Prioritizing Data Access Governance Initiatives Through Discovery

Organizations are starting to shift their focus to establish a core set of principles around protecting their data, and they need a blueprint to help them get started. This series serves as the blueprint that will help your organization chart a course to proper data security. The first step in establishing a Data Access Governance program is Discovery.

Moving from Checkbox Compliance to True Data Security

Moving from Checkbox Compliance to True Data Security

Organizations are shifting their focus to a core set of principles around protecting their credentials and data, but they struggle with a starting point. In this 6-part ‘Checkbox Compliance to True Data Security’ blog series, we will provide a foundational blueprint. The series will cover an overview of Data Access Governance (DAG) and introduce the 5 phases that will help shape a true data security program. In an interview with Dark Reading, Brian Christensen, head of global audit for Protiviti…

Read More Read More

Top 15 Data Security Sessions at the RSA Conference 2018

Top 15 Data Security Sessions at the RSA Conference 2018

With more than 40,000 security professionals converging on the Moscone Center in San Francisco, we will be taking over the City by the Bay for the week of RSA (April 16-20). In this blog post, I just wanted to give some helpful tips from a Bay Area native and also recommend some Data Security sessions that look interesting from the agenda. Of course, there is always our session at 3:10 p.m. PDT on Wednesday, April 18 in the South Briefing…

Read More Read More

Announcing StealthDEFEND 1.1

Announcing StealthDEFEND 1.1

Point releases are not usually a big deal. And while we could have quietly released the latest version of our real-time threat analytics and alerting component of the STEALTHbits’ Data Access Governance suite, the team worked hard to incorporate the feedback we received and make significant strides. The cyber security industry skills gap continues to increase; some, myself included believe that skills are not the only shortage we face. Many security challenges are becoming too complex to solve via traditional…

Read More Read More

5 Critical Events to Audit with Microsoft SQL Server

5 Critical Events to Audit with Microsoft SQL Server

Data security is more important than ever.  Some of your most important information resides within databases, so devising a sound database security and auditing strategy is a must. CSO published an article earlier this year listing the top 16 security breaches of the century based on how much risk or damage the breach caused. Out of these 16 attacks, databases were at the heart of at least 4, including the Heartland Payment Systems breach in March of 2008, the result…

Read More Read More

Cover Your Six: Enhanced Visibility into Credential and Data Risks with StealthAUDIT v8.1

Cover Your Six: Enhanced Visibility into Credential and Data Risks with StealthAUDIT v8.1

Awareness is the first and most essential ingredient in any successful risk mitigation strategy.  StealthAUDIT v8.1 has been enhanced to extend your awareness into high risk conditions that can easily sneak up on you in three key ways: SQL Database Security – Discover, assess access, and monitor activity within SQL databases, scouring each for sensitive data that attackers are likely to target Weak Password Identification – Identify Active Directory user accounts leveraging passwords contained in publically available dictionaries and organizationally-defined…

Read More Read More

StealthDEFEND – Insider Threat Podcast #11

StealthDEFEND – Insider Threat Podcast #11

In our eleventh edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing and Dan McLaughlin, Technical Product Manager. Dan and Adam are the dynamic duo that helped usher out our release of StealthDEFEND version 1. StealthDEFEND is our new real-time threat analytics and alerting component of STEALTHbits’ Data Access Governance suite. Focused on file activity, important contextual elements like data sensitivity, and the actual attack methods leveraged…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.