INSIDER THREAT SECURITY BLOG

Cyber Attack Reference Guide for Security Practitioners For over a year now, we’ve been documenting all the most common and clever techniques attackers have developed to compromise Active Directory credentials on their way to complete domain dominance.  Frustratingly, but not surprisingly, the number of attack methods to choose from and the frequency of attack prevalence have only risen over the past 12 months, which got us thinking… How – besides continuing to provide cutting edge solu…

With more than 40,000 security professionals converging on the Moscone Center in San Francisco, we will be taking over the City by the Bay for the week of RSA (April 16-20). In this blog post, I just wanted to give some helpful tips from a Bay Area native and also recommend some Data Security sessions that look interesting from the agenda. Of course, there is always our session at 3:10 p.m. PDT on Wednesday, April 18 in the South Briefing Center, where CTO of STEALTHbits, Jonathan Sander w…

Forrester just released The State of Microsoft Active Directory 2018 report by Merritt Maxim, and it’s definitely something that anyone interested in current state of Active Directory (AD) usage and where it’s going should read. Here are some of the key takeaways summarized by the report: Demand for Cloud Based AD is growing. On-prem AD is still dominant in the enterprise, but as cloud deployments of applications and services grow, AD in the cloud is growing with them. If you are concerne…

Point releases are not usually a big deal. And while we could have quietly released the latest version of our real-time threat analytics and alerting component of the STEALTHbits’ Data Access Governance suite, the team worked hard to incorporate the feedback we received and make significant strides. The cyber security industry skills gap continues to increase; some, myself included believe that skills are not the only shortage we face. Many security challenges are becoming too complex to s…

67% of organizations are not confident in their ability to uncover insider threats? In response to new challenges, threat hunting is a developing security practice that focuses on proactively detecting and isolating advanced threats. Detecting, preventing and mitigating “insider threats” is the most common reason for an organization to have a threat hunting program. However, in practice, what some call an “insider threat,” others may call “internal security monitoring.” Definitions of what…

Something I say in customer meetings a lot is that unstructured data isn’t glamourous. In a world where people are talking about machine learning, IoT, the latest vulnerabilities and exploits, and other cutting edge stuff, files and folders doesn’t get a lot of air time. If you’re reading this blog, though, you know these uncool bits of data are potentially dangerous and need attention. That leads to an interesting effect in meetings. Often prospects and customers will ask us what we are seei…

Trying to Prevent Lateral Movement on a Budget? They say the best things in life are free. And whether you believe it or not, it’s got to be true at least every once in a while, right?  Well, when it comes to securing your credentials and data, there are in fact a number of things you can do that are not only highly effective, but cost conscious. Not to oversimplify some otherwise complex concepts and subjects, there are three things pretty much every attacker relies upon being true in order…

Data Privacy Day is among us, and for that matter so is EU GDPR and NYCRR 500. What do these all have in common? Well, privacy. Privacy by design really should be more than just the mantra of GDPR, it needs to become the mantra of everyone handling any type of customer information. I do have hope that it will. How do you achieve privacy by design? EU GDPR along with NYCRR 500 are both privacy-focused regulations and they both layout very thoughtful measures for not simply being “more secure”…

Data security is more important than ever.  Some of your most important information resides within databases, so devising a sound database security and auditing strategy is a must. CSO published an article earlier this year listing the top 16 security breaches of the century based on how much risk or damage the breach caused. Out of these 16 attacks, databases were at the heart of at least 4, including the Heartland Payment Systems breach in March of 2008, the result of a SQL injection attack…

How much personal data are your employees able to access? What you don’t know will surprise you…and could possibly hurt you. Imagine you’ve been with a company for 10, 20, even 30 years. How many roles have you had? How many applications have you worked with over that period? If you’re like many individuals, you will likely have switched jobs at least 2 or more times. Here’s the (fictitious) story of Artie.  Artie Fact has been with HappyGoLucky (HGL) Global for 5 years. He loves the op…