Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE
Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Blog >Uncategorized

Browsed By
Category: Uncategorized

Key Take Aways from the Ponemon 2018 Cost of Insider Threats Report

Since 2016 the Ponemon Institute has released a yearly report on the cost of insider threats, and this year’s report covered some statistics that may surprise you. Most people relate to incidents and breaches that originate from outside the organization. Practitioners, however know that they cannot focus only on the outsider threat but also the threat from insiders and how costly it can be. The Ponemon Institute was able to shine some much needed light on the cost occurred by more than 700 o…

Where Real Organizations Are with EU GDPR 10 Days from Launch

I’m writing this sitting in Germany, having spent one week meeting with customers from the UK, Switzerland, and other places and about to spend another at the Kuppinger Cole EIC Conference. The conference agenda is loaded up with EU GDPR topics, and there will be more to say about that in another post. It was very interesting last week to hear from customers, prospects, and partners where their GDPR efforts are right now. With the May 25th date looming, it would be easy to expect that many wo…

Stealthbits Cyber Kill Chain Attack Catalog: Active Directory Attacks and More

Cyber Attack Reference Guide for Security Practitioners For over a year now, we’ve been documenting all the most common and clever techniques attackers have developed to compromise Active Directory credentials on their way to complete domain dominance.  Frustratingly, but not surprisingly, the number of attack methods to choose from and the frequency of attack prevalence have only risen over the past 12 months, which got us thinking… How – besides continuing to provide cutting edge solu…

Top 15 Data Security Sessions at the RSA Conference 2018

With more than 40,000 security professionals converging on the Moscone Center in San Francisco, we will be taking over the City by the Bay for the week of RSA (April 16-20). In this blog post, I just wanted to give some helpful tips from a Bay Area native and also recommend some Data Security sessions that look interesting from the agenda. Of course, there is always our session at 3:10 p.m. PDT on Wednesday, April 18 in the South Briefing Center, where CTO of STEALTHbits, Jonathan Sander w…

The State of Microsoft Active Directory – Report by Forrester

Forrester just released The State of Microsoft Active Directory 2018 report by Merritt Maxim, and it’s definitely something that anyone interested in current state of Active Directory (AD) usage and where it’s going should read. Here are some of the key takeaways summarized by the report: Demand for Cloud Based AD is growing. On-prem AD is still dominant in the enterprise, but as cloud deployments of applications and services grow, AD in the cloud is growing with them. If you are concerne…

Announcing StealthDEFEND 1.1

Point releases are not usually a big deal. And while we could have quietly released the latest version of our real-time threat analytics and alerting component of the STEALTHbits’ Data Access Governance suite, the team worked hard to incorporate the feedback we received and make significant strides. The cyber security industry skills gap continues to increase; some, myself included believe that skills are not the only shortage we face. Many security challenges are becoming too complex to s…

2018 Threat Hunting Report

67% of organizations are not confident in their ability to uncover insider threats? In response to new challenges, threat hunting is a developing security practice that focuses on proactively detecting and isolating advanced threats. Detecting, preventing and mitigating “insider threats” is the most common reason for an organization to have a threat hunting program. However, in practice, what some call an “insider threat,” others may call “internal security monitoring.” Definitions of what…

Auditing and Reporting for Box Like Never Before

Something I say in customer meetings a lot is that unstructured data isn’t glamourous. In a world where people are talking about machine learning, IoT, the latest vulnerabilities and exploits, and other cutting edge stuff, files and folders doesn’t get a lot of air time. If you’re reading this blog, though, you know these uncool bits of data are potentially dangerous and need attention. That leads to an interesting effect in meetings. Often prospects and customers will ask us what we are seei…

3 Zero-Cost Tactics That Make it Difficult for Attackers to Move Laterally

| Adam Laub | | Leave a Comment
Trying to Prevent Lateral Movement on a Budget? They say the best things in life are free. And whether you believe it or not, it’s got to be true at least every once in a while, right?  Well, when it comes to securing your credentials and data, there are in fact a number of things you can do that are not only highly effective, but cost conscious. Not to oversimplify some otherwise complex concepts and subjects, there are three things pretty much every attacker relies upon being true in order…

A Tale of One City – Data Privacy Day

Data Privacy Day is among us, and for that matter so is EU GDPR and NYCRR 500. What do these all have in common? Well, privacy. Privacy by design really should be more than just the mantra of GDPR, it needs to become the mantra of everyone handling any type of customer information. I do have hope that it will. How do you achieve privacy by design? EU GDPR along with NYCRR 500 are both privacy-focused regulations and they both layout very thoughtful measures for not simply being “more secure”…

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!


Loading

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL