Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE

Stealthbits

Posts by Rod Simmons

Home >Rod Simmons
Rod Simmons is VP of Product Strategy at STEALTHbits Technologies responsible for the vision and strategy of their Active Directory Management and Security solutions. Rod has been in the technology space for over 20 years. Prior to joining STEALTHbits, he served as Director of Product Management at BeyondTrust responsible for the Privileged Access Management products. He has also held positions leading Solution Architects and Product Managers at Quest Software and Netpro Computing Inc.

Easily Prevent More Breaches by Simply Preventing Bad Passwords

| Rod Simmons | Security | Leave a Comment

A recent cyber-attack on the Canadian government was successful because of a well-known attack technique, credential stuffing. If you’re not familiar, credential stuffing is just taking credentials from one breach and using it to compromise a new organization.  It is successful because 62% of people reuse personal passwords on work systems. News of this attack broke on Monday, […]

PROTIP: Policy Registration & Managing StealthINTERCEPT via PowerShell and Editing StealthDEFEND Investigations & Categorizing Playbooks

There are actually four (4) ProTips in this blog (Click below to go to one you want): Multiple Policy Registration in StealthINTERCEPT Managing StealthINTERCEPT via PowerShell Editing StealthDEFEND Investigations the Lazy Way Categorize StealthDEFEND Playbooks to Reduce Clutter Multiple Policy Registration in StealthINTERCEPT The capability has long existed in StealthINTERCEPT to have a single policy […]

PROTIP: How to Update the “Have I Been Pwned” (HIBP) Breach Dictionary in StealthINTERCEPT Enterprise Password Enforcer and StealthAUDIT

ALERT: If you are NOT a StealthINTERCEPT Enterprise Password Enforcer or StealthAUDIT customer, view this blog for greater relevance and a more appropriate read. With 34% of people saying they share passwords with coworkers1 and 62% reusing the same password for work and personal accounts2, the importance of checking passwords is paramount. Last Friday (June 19, 2020) we […]

Microsoft LDAP Channel Binding and Signing Patch

Discovery Solution for Microsoft’s March 2020 Update Lightweight Directory Access Protocol (LDAP) – How did we get here? 20 years ago, I embarked on the fantastical journey that was migrating from NT4 to Active Directory. This is also when I began learning the power of LDAP. While it was technically available, very few companies implemented […]

ProTip – The Power of Character Substitution Checks in StealthINTERCEPT Enterprise Password Enforcer

I have had the benefit of visiting a number of customers to understand how they use our products. Specifically, how they use the breach password dictionary in StealthINTERCEPT Enterprise Password Enforcer. Many actively manage their breach password database to prevent breached passwords from use.  In reviewing these password databases, I noticed many contained entries with […]

ProTip: Exciting New StealthDEFEND Functionality Available with the Release of Version 2.2 on November 5, 2019

Stealthbits is very excited to share a sneak peek of some of the enhancements available with the launch of StealthDEFEND 2.2, scheduled for November 5, 2019. The fact remains – organizations concerned about data breaches and the rising costs to remediate them, need advanced solutions to not only quickly identify, but automatically respond to an […]

Implement Password Policy Compliance Monitoring and Leverage Important Enhancements to Active Directory and LDAP Auditing with StealthINTERCEPT 6.1

There are two functional areas of Active Directory management and security that every organization struggles with; one is changing their password policies and the other is identifying the source of LDAP traffic. StealthINTERCEPT efficiently addresses both of these challenges in Version 6.1. Password Pain? How to Improve Your Password Policy The NIST 800-63B password guidelines […]

Have I Been Pwned Database: Here’s What We Can Learn

Recently, I was doing some research on password security using breached password databases to understand the value they bring when trying to improve overall password security. One very good database is the “Have I been pwned” database. I’ve Been Pwned For those of you who have not used this excellent public resource, it’s a collection […]

Microsoft Advanced Threat Analytics (ATA) Compared to StealthDEFEND for Active Directory

Detecting advanced threats against Active Directory can be approached in a variety of ways. When looking at Microsoft Advanced Threat Analytics (ATA) compared to STEALTHbits StealthDEFEND for Active Directory they have the same goal and a similar approach, however, there are some key differences. Microsoft is in a privileged position to build a threat detection […]

Subscribe

DON'T MISS A POST. SUBSCRIBE TO THE BLOG!

© 2021 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL