STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • I’m writing this sitting in Germany, having spent one week meeting with customers from the UK, Switzerland, and other places and about to spend another at the Kuppinger Cole EIC Conference. The conference agenda is loaded up with EU GDPR topics, and there will be more to say about that in another post. It was very interesting last week to hear from customers, prospects, and partners where their GD...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • The latest release of StealthDEFEND 1.1 brings us a new highly anticipated feature, Investigations. This brings a new custom experience to the threats and alerts you see in the product by allowing you to define your own threats by specifying the: who, what, where, and when. By navigating to the “Investigate” page in the menu, you are presented with the file activity events for the current day alon...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In an interview with Dark Reading, Brian Christensen, head of global audit for Protiviti says, “Whether it is dealing with new cyber-attacks or changes in technology that makes things obsolete at a very fast pace, the ability to have conversations around that (risk) both from a business-process owner standpoint and from an auditor standpoint is a leading standard by which we would expect organizat...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Cyber Attack Reference Guide for Security Practitioners For over a year now, we’ve been documenting all the most common and clever techniques attackers have developed to compromise Active Directory credentials on their way to complete domain dominance.  Frustratingly, but not surprisingly, the quantity of attack methods to choose from and the frequency of attack prevalence have only risen over the...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • With more than 40,000 security professionals converging on the Moscone Center in San Francisco, we will be taking over the City by the Bay for the week of RSA (April 16-20). In this blog post, I just wanted to give some helpful tips from a Bay Area native and also recommend some Data Security sessions that look interesting from the agenda. Of course, there is always our session at 3:10 p.m. PDT on...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Forrester just released The State of Microsoft Active Directory 2018 report by Merritt Maxim, and it’s definitely something that anyone interested in current state of Active Directory (AD) usage and where it’s going should read. Here are some of the key takeaways summarized by the report: Demand for Cloud Based AD is growing. On-prem AD is still dominant in the enterprise, but as cloud deployments...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Point releases are not usually a big deal. And while we could have quietly released the latest version of our real-time threat analytics and alerting component of the STEALTHbits’ Data Access Governance suite, the team worked hard to incorporate the feedback we received and make significant strides. The cyber security industry skills gap continues to increase; some, myself included believe that sk...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • 67% of organizations are not confident in their ability to uncover insider threats? In response to new challenges, threat hunting is a developing security practice that focuses on proactively detecting and isolating advanced threats. Detecting, preventing and mitigating “insider threats” is the most common reason for an organization to have a threat hunting program. However, in practice, what some...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • StealthINTERCEPT provides great threat hunting capabilities, so naturally, the health of our systems is paramount.  StealthINTERCEPT Health Alerts give us the information we need to ensure we keep getting the data we care about. Agent connectivity is my main concern, although SI Agents will cache a fair amount of events, I want to get them communicating again ASAP to prevent any delay in my securi...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In this series, we’ve learned about DCShadow and covered attack scenarios to demonstrate how this can be used for an attacker to create persistence as well as elevate privileges across forests.  Now that we know the risks involved with DCShadow, let’s cover what you can do to detect this in your environment. First, let’s recap the basics: The purpose of DCShadow is to make changes that will not be...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • So far we’ve covered how DCShadow works as well as ways this can enable attackers to create persistence within a domain without detection once they’ve obtained admin credentials.  DCShadow can enable attack scenarios beyond just creating persistence, and can actually be used to elevate access for an attacker. How can a Domain Admin elevate their access even higher? By obtaining admin rights in oth...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Something I say in customer meetings a lot is that unstructured data isn’t glamourous. In a world where people are talking about machine learning, IoT, the latest vulnerabilities and exploits, and other cutting edge stuff, files and folders doesn’t get a lot of air time. If you’re reading this blog, though, you know these uncool bits of data are potentially dangerous and need attention. That leads...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Something I say in customer meetings a lot is that unstructured data isn’t glamorous. In a world where people are talking about machine learning, IoT, the latest vulnerabilities and exploits, and other cutting edge stuff, files and folders doesn’t get a lot of air time. If you’re reading this blog, though, you know these uncool bits of data are potentially dangerous and need attention. That leads ...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Now that we understand the basics of the DCShadow feature, let’s look at some ways in which attackers can leverage DCShadow in a real world attack scenario.  As we learned, DCShadow requires elevated rights such as Domain Admin, so you can assume an attacker leveraging this already has complete control of your environment.  So why would an attacker want to or need to use DCShadow? One real world s...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • With our focus on SQL Attacks this month, I naturally think about what data is being attacked as well.  StealthAUDIT’s SQL Solution Set can show us a lot of valuable information but collects even more than what immediately shows. StealthAUDIT Data Views are my go-to tool when I want advanced manipulation of data for an export.  Some of these are immediately available, and others must be “turned on...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • If you’re familiar with Mimikatz, you’ve already seen some of the ways it exposes weaknesses in Active Directory security (if you’re not, read up!).  Recently, a new feature was added to Mimikatz titled DCShadow and was presented by its authors Benjamin Delpy and Vincent LeToux at the Bluehat IL 2018 conference. DCShadow enables Mimikatz to make changes to Active Directory by simulating a domain c...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Trying to Prevent Lateral Movement on a Budget? They say the best things in life are free. And whether you believe it or not, it’s got to be true at least every once in a while, right?  Well, when it comes to securing your credentials and data, there are in fact a number of things you can do that are not only highly effective, but cost conscious. Not to oversimplify some otherwise complex concepts...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Data Privacy Day is among us, and for that matter so is EU GDPR and NYCRR 500. What do these all have in common? Well privacy. Privacy by design really should be more than just the mantra of GDPR, it needs to become the mantra off everyone handling any type of customer information. I do have hope that it will. How do you achieve privacy by design? EU GDPR along with NYCRR 500 are both privacy focu...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • What to Do with Your New SQL Kingdom In the last posts, we explored ways to gain access to MS SQL and to extract the data it contains. The fun thing with MS SQL, though, is that is just the start. Every application has a certain amount of access to other resources. Databases generally have a lot of low-level access to system since their whole purpose in life is to optimize access to data. That mea...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  •   With each iteration, StealthINTERCEPT shows more value to our customers.  StealthINTERCEPT 5.0’s AD Security focused data means alerting will become even more essential, and those alerts should contain what’s important to you.  Let’s take a moment to learn how your organization can configure and benefit from StealthINTERCEPT 5.0 Notifications. First, navigate to the Alerts section found under Co...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Transforming Active Directory Security Five years ago we introduced the StealthINTERCEPT product line, to address the growing requirement for a comprehensive Active Directory change and access monitoring solution. We know that Active Directory is safest when it is clean, properly configured, closely monitored, and tightly controlled – that is exactly what StealthINTERCEPT has been successfully doi...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • Completely Owning MS SQL Server If what you’re after is a toolkit to own Microsoft SQL Server from end to end, then what you need is PowerUpSQL. Implemented in PowerShell and as complete as they come, PowerUpSQL has tools to discover, compromise, elevate, target, and own just about any SQL system. It’s the whole kill chain in one tool. Just as I could have run all the initial discovery and comprom...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • After all the posts about attacking different parts of IT infrastructure, it seems impossible that we have never used nmap as a tool before. Nmap is one of the most reliable and well-known tools of the trade for attackers. More than that, it is used by security pros and IT admins for a huge number of tasks. In their own words, the makers of nmap say it is a “utility for network discovery and secur...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our thirteenth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing, and Gabriel Gumbs, VP of Product Strategy. We discussed our 2017 Cybersecurity Recap & 2018 Predictions Report, and tried to focus on the prediction part of things since we are at the start of the new year. After a quick look over the shoul...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our eleventh edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammates, Adam Laub, the Senior Vice President of Product Marketing and Dan McLaughlin, Technical Product Manager. Dan & Adam are the dynamic duo that helped usher out our release of StealthDEFEND version 1. StealthDEFEND is our new real-time threat analytics and alerting component of STEALTHbits’ Data Access ...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our twelfth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammate, Adam Laub, the Senior Vice President of Product Marketing. In a reversal of the typical flow of things, Adam had questions for me. With the release of StealthAUDIT 8.1 fast approaching, he wanted to know how some of the headline features fit into the view of the world from an insider threat perspective...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In our twelfth edition of the Insider Threat Podcast, we were joined by my STEALTHbits teammate, Adam Laub, the Senior Vice President of Product Marketing. In a reversal of the typical flow of things, Adam had questions for me. With the release of StealthAUDIT 8.1 fast approaching, he wanted to know how some of the headline features fit into the view of the world from an insider threat perspective...

STEALTHbits Technologies
STEALTHbits Technologies
Blog Post
  • In the business of selling security solutions, not too long ago the phrase “defense in depth” dominated the messages. It was meant to evoke an image of defending each layer of the IT infrastructure with uniquely suited solutions. Now everyone recognizes that the notions about perimeter defenses are flawed. Real security is built in to everything, not wrapped around it. However, there are many corn...

Out-Market Your Competitors?

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account Log in

By signing up, you agree to the Terms of Service and Privacy Policy.

Out-Market Your Competitors

Get complete competitive insights on over 2.2 million companies to drive your marketing strategy.

Create Free Account

Already a user?  Log in

By signing up, you agree to the Terms of Service and Privacy Policy.