STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 6 days ago

New blog articles detected

  • LDAP Monitoring for Security

    LDAP Monitoring LDAP (Lightweight Directory Access Protocol) is an application protocol for querying and modifying items in directory service providers like Active Directory (AD). AD, by contrast, is a directory services database, and LDAP is one of the protocols you can use to talk to it. Because Microsoft provides no easy way to monitor LDAP queries, to see the query that was issued and where it...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • 5 Essential Steps to EU GDPR – Part 2: GDPR, the Data Access Governance Project

    In part one we looked at the questions organisations must address when dealing with DSARs (Data Subject Access Request). Simple questions, but in reality, tricky or virtually impossible to answer depending on the size and complexity of your data infrastructure. Saying that, they’re actually the core premise of Data and Access Governance. What is Data Access Governance (DAG)? DAG is best described ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • Law Firm Cyber Guidance: Adopting a Least Privilege Model

    On the heels of breaches at Cravath Swaine & Moore LLP, Weil Gotshal & Manges LP among others, The Association of Corporate Counsel (ACC) has issued its first-ever guidelines on the basic data security measures that in-house counsel should expect from their law firms. Law firms are warehouses of client information making them prime targets for attackers. The legal ethics rules require attorneys to...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 week ago

New blog articles detected

  • STEALTHbits ProTip: Where did my file go?: STEALTHbits File Activity Monitor

    In the first “Where did my file go?” post, we discussed locating files using StealthAUDIT’s Access Information Center. Now, with the STEALTHbits File Activity Monitor in place, this same question can be answered in real-time directly within the console. Not only can we identify what happened to a file, we can even show you where it ended up.  First, start a New Activity Search within the STEALTHbi...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 2 weeks ago

New blog articles detected

  • 5 Trends for Security Professionals

    It comes as a surprise to no one that information security pros have strong opinions. So each year STEALTHbits puts out their floor survey and the results come pouring in. 2017 was no exception. We’re excited to announce the “5 Trends for Security Professionals”, which you can get here. This year’s report breaks down 5 trends we saw in the responses and attempts to connect those to the larger thre...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 2 weeks ago

New blog articles detected

  • 3 Ways to Improve Your Security Posture by Extending IAM into Unstructured Data and PAM

    Laying the Groundwork for a Success IAM Deployment Implementing an Identity and Access Management (IAM) solution is a complex undertaking that involves significant investment in time and resources. As a result, project leaders are laser-focused on extending IAM’s footprint to accomplish three goals: Strengthen their security posture Maximize technology value Increase Return on Investment With near...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 2 weeks ago

New blog articles detected

  • 5 Essential Steps to EU GDPR

    Part 1: Understand the Basic Requirements of GDPR Despite the GDPR being marked as a clearer to understand regulation, it’s still a mine field of legal and compliance requirements, interpretations and uncertainty. The purpose of this blog series is to help you understand the fundamental requirements of GDPR by peeling back the layers of legality, bureaucracy and spin. The Numbers It’s safe to say ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 3 weeks ago

New blog articles detected

  • Cybersecurity: You Cannot Secure What You Cannot See

    Shifting the Focus of the Cybersecurity Discussion First, if you have not yet read Joel Brenner’s report, “Keeping America Safe: Toward More Secure Networks for Critical Sectors,” written for the MIT Center for International Studies and the MIT Internet Policy Research Initiative, then you should open another tab right now and go do that. Don’t worry. We’ll wait. The report is not so interesting f...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 3 weeks ago

New blog articles detected

  • StealthRECOVER Now Available for Active Directory Rollback and Recovery

    AD Rollback and Recovery When I worked as an Active Directory (AD) Architect for over a decade, one of the most challenging tasks I experienced was the inability to easily and safely undo the mistakes administrators and I made. While Microsoft does provide some capabilities for recovering deleted objects with the AD recycle bin, it still does not offer an easy way to rollback and recover from othe...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 3 weeks ago

New blog articles detected

  • Performing Pass-the-Hash Attacks with Mimikatz

    Attack #4: Pass-the-Hash with Mimikatz In my previous post, we learned how to extract password hashes for all domain accounts from the Ntds.dit file. In this post, we’re going to see what you can do with those hashes once you have them. Mimikatz has become the standard tool for extracting passwords and hashes from memory, performing pass-the-hash attacks and creating domain persistence through Gol...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 4 weeks ago

New blog articles detected

  • What’s New in StealthINTERCEPT v4.1?

    Staying in lockstep with today’s threats Today we announce the release of StealthINTERCEPT 4.1, the latest iteration of our Real-time Change and Access Auditing solution. For many organizations, monitoring and auditing of their Active Directory (AD), File Systems, and Exchange environments continues to be a challenging endeavor due to the complexity of configuration and overall performance concern...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Extracting Password Hashes from the Ntds.dit File

    AD Attack #3 – Ntds.dit Extraction With so much attention paid to detecting credential-based attacks such as Pass-the-Hash (PtH) and Pass-the-Ticket (PtT), other more serious and effective attacks are often overlooked. One such attack is focused on exfiltrating the Ntds.dit file from Active Directory Domain Controllers. Let’s take a look at what this threat entails and how it can be performed. The...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Attack Mapping with BloodHound

    AD Attack #2 – Local Admin Mapping Once an attacker has established a foothold inside your domain, their primary objective is to compromise their target as quickly as possible without detection. Whether the target is sensitive data stored on a file server or compromising a Domain Admin account, the attacker must first formulate a plan of attack. This often involves strategic lateral moves througho...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Market Trends: Preparing Now – EU General Data Protection Regulation (GDPR)

    At the RSA Conference 2017 in San Francisco, CA we were able to survey more than 300 security professionals. One of the survey questions was, “Is your organization preparing for the EU General Data Protection Regulation (GDPR)?” 67% of respondents said that their organizations were preparing. Regulatory Compliance Standards Regulatory compliance standards such as PCI-DSS, HIPAA, and SOX are simply...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Configure Criteria to Meet Compliance Standards

    With the EU General Data Protection Regulation (GDPR) looming, it is important to understand how to configure groups of criteria to the compliance standards your organization is concerned about most. StealthAUDIT’s Sensitive Data Discovery allows you to identify file content that matches your set criteria. This can be done for keywords or regular expressions, as well as groups of any of those crit...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Performing Domain Reconnaissance Using PowerShell

    AD Attack #1 – LDAP Reconnaissance The first thing any attacker will do once he gains a foothold within an Active Directory domain is to try to elevate his access. It is surprisingly easy to perform domain reconnaissance using PowerShell, and often without any elevated privileges required. In this post, we will cover a few of the different ways that PowerShell can be used by attackers to map out y...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • 4 AD Attacks and How to Protect Against Them

    I was speaking with an Active Directory Security Engineer from a large, global pharmaceutical company recently and asked him the most classic question in the Product Management handbook: “What keeps you up at night?” So cliché (I know), but sometimes instead of an eye roll, you get a real gem, which is exactly what happened. He said, “We’ve got a lot of good protections in place and run a pretty t...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • 10 Security Risks Almost Everyone Has

    If you’re responsible for the management and security of an Active Directory (AD) or Windows infrastructure, you already know you’ve got a tough job.  And with thousands of configurations and potential conditions to worry about across dozens of AD and Operating System (OS) versions, where do you even begin an effort to address your most at-risk conditions?  What are they to begin with?  If you’re ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Market Trends: AD Security Assessment and Rollback and Recovery

    AD Security Assessment Active Directory security is a hot topic. Some security professionals have made their living by uncovering vulnerabilities in directory services. Take for instance, Sean Metcalf at ADSecurity.org. He has an entire blog focused on Active Directory security. What tends to be lacking, however, is an easy-to-follow Security Assessment that highlights critical areas of concern in...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • STEALTHbits ProTip: Model Access Changes with Confidence

    Modeling access changes before enabling them allows you to clean up access with confidence. The Access Information Center makes this simpler than ever with easy-to-understand visuals and the ability to commit these changes on the spot. First, we’ll look at the Effective Access report on my PreSales Engineering Share. As you can see, Chris still has access although his account is disabled. In this ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

  • Top 10 Data Security Sessions at the RSA Conference 2017

    It is that time of year again, time to get our bags packed and head to San Francisco for the RSA Conference. This year’s theme is the Power of Opportunity–which is a fitting theme for most security companies as they move toward partnerships that benefit end users. As a cybersecurity company that focuses on credentials and data, we thought it would be helpful to select a top 10 list of data securit...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 1 month ago

New blog articles detected

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 3 months ago

New blog articles detected

  • Market Trends: 2017 Cybersecurity Trends

    2017 – A New Hope Protecting your company in 2017 should start from the inside out. Organizations have spent the last decade securing the perimeter from external threats with a fair amount of success. However, in the last couple years one of the most serious threats to cybersecurity stepped to the fore: the Insider.  StaySafeOnline.org recently highlighted the importance of training more of your e...

  • STEALTHbits ProTip: Maximize Your StealthAUDIT Investment with Reporting

    This month I’d like to touch on a fairly unknown usability feature within StealthAUDIT. The Reports Only mode allows the console to be run without risk of triggering any collections or affecting any already existing data sets. There is an underused (but very useful) command line switch that allows you to run StealthAUDIT so that it can only generate reports. When run in Reports Only mode the Query...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 3 months ago

New blog articles detected

  • 5 Challenges with Combining Data Access Governance and Identity Access Management

    In a recent webinar, I discussed the five challenges that are faced when combining Data Access Governance and Identity and Access Management. The Identity Access Management Blindspot Unstructured data represents a significant risk for every organization. The files spread across file systems, SharePoint sites, and cloud applications continue to grow at a rapid pace, making it difficult to enforce p...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 4 months ago

New blog articles detected

  • 5 Cybersecurity Trends for 2017

    It’s December, the holidays are upon us, and it’s that time of the year for the proverbial “2017 predictions” blog. Not to be left out of all the fun, we went around to a few of our resident industry experts here at STEALTHbits to get their opinions of what trends will emerge in the New Year within the world of cybersecurity. Check out what they had to say: Trend #1 – Create a Cybersecurity Talent...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 4 months ago

New blog articles detected

  • Best Practices for Auditing Active Directory

    Some years ago I worked as a software implementation consultant in the public sector. An IT Director pulled me into his office one day to ask about my team’s ERP deployment. After I answered his questions he said, “That all sounds fine. What isn’t so fine is the state of my Active Directory.” He proceeded to show me thousands of stale accounts across agencies, as well as global access rights that ...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 4 months ago

New blog articles detected

  • Optimizing Your Data Governance Strategy for EU GDPR

    With European Union General Data Protection Regulation (EU GDPR) set to take effect on May 25, 2018, the proper handling of personal data is more critical than ever. Last April, my colleague, Mark Wilson, explained exactly how the new regulations will impact US and multi-national companies that process personal data of EU citizens. Among the highlights are breach notification within 72 hours and a...

STEALTHbits Technologies

Category: Content
Type: Blog Article

Generated 4 months ago

New blog articles detected

  • STEALTHbits ProTip: Defending Against Ransomware in 2017

    With the close of 2016 approaching, I looked back and realized that Ransomware could have been the subject of my ProTip every month this year! Not only has it been regularly grabbing headlines throughout the last twelve months, but I’m sure 2017’s threat-surface will be subject to even more attacks. And while I’ve already provided tips on ransomware twice, this time I’d like to talk about the meth...

  • Market Trends: Don’t Be Your Own Worst Enemy

    The year 2016 is being called the Year of the Breach. A recent study by the Ponemon Institute shows that two-thirds of organizations affected by a cyber breach are unable to recover from the attack. Imagine these organizations – so many of them – ceasing to operate one by one as wanton and malicious cyber-attacks damage their critical infrastructure, reveal operational strategies or trade secrets ...

Out-Market Your Competitors?

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account Log in

Out-Market Your Competitors

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account

Already a user?  Log in