Service accounts are under managed and overprivileged. Being pushed along by application groups annoyed that they need to deal with any process at all, security or helpdesk folks simply make an account, give it rights, and get it in the hands of the application folks. The application team thinks the account is controlled like any […]
Service accounts are a favorite target of attackers because these accounts give them privileged access to systems, applications and data. Since service accounts do not have strict password reset policies, attackers can exploit them for extended periods of time without being detected. In this podcast, cybersecurity expert Jeff Warren speaks with host Jonathan Sander about […]
We have just done the first episode of our Insider Threat podcast, and it was a little scary. I’m no stranger to doing a show; so that wasn’t scary. What was frightening is how easily the bad guys can exploit our Active Directory and Microsoft platforms. I sat down with Jeff Warren, who wrote our […]
It comes as a surprise to no one that information security pros have strong opinions. So each year STEALTHbits puts out their floor survey and the results come pouring in. 2017 was no exception. We’re excited to announce the “5 Trends for Security Professionals”, which you can get here. This year’s report breaks down 5 […]
Shifting the Focus of the Cybersecurity Discussion First, if you have not yet read Joel Brenner’s report, “Keeping America Safe: Toward More Secure Networks for Critical Sectors,” written for the MIT Center for International Studies and the MIT Internet Policy Research Initiative, then you should open another tab right now and go do that. Don’t […]
Last week I was lucky enough to attend a small room presentation by Joshua S. Bloom. He went through a tour de force in data science. He had to figure out a lot of this not because of the trendy big data problems and approaches that we see in just about every new vendor that […]
If you didn’t make it to the RSA Conference this year, you missed the largest, maddest security event I’ve ever seen. With reports of 33,000 attendees and nearly 40,000 people including exhibitors and others, the Moscone center was bursting at the seams with security professionals. I kept up my streak of not making it to […]
Though the RSA Conference is a little later this year than past ones, it still feels like a rush now that we’re almost there. We’ve got a lot of things to do and we’re planning on literally the biggest presence we’ve ever had. Yes, I know how to use the word literally; I’m talking about […]
Had the chance to speak with a senior member of the security team at a large entertainment company this week about some of their challenges regarding access management. The conversation immediately turned to his issues with provisioning, “onboarding and offboarding” as he referred to it each time. I thought that meant we would be referring […]
Yesterday I got to sit with a CIO and his staff at a fast growing company in the biotech space. They’re making a lot of profit and have a unique opportunity to onboard technologies to solve their problems. They have a very sophisticated user base – people doing biotech work are generally smart, well informed […]
Start a Free Stealthbits Trial!
No risk. No obligation.