INSIDER THREAT SECURITY BLOG

The data breach at Adobe Systems Inc. is turning out to be worse than previously reported. Back in early October, Adobe announced that approximately 3 million accounts were compromised and that these “sophisticated” attacks accessed customer IDs, encrypted passwords, and other personally identifiable information. Additionally, Adobe announced that source code from multiple products had been stolen, including Adobe Photoshop, the widely popular tool for photographers. Fast forward a couple of …

Remember, remember the 5th of November! If you’re a fan of the film “V for Vendetta” or just happened to know a thing or two about history, this phrase likely popped into your head as you looked at the calendar this morning, realizing that today marks the yearly occasion known as Guy Fawkes Day. For those of you that don’t know, this holiday came to be in early England, where a man named Guy Fawkes was arrested on November 5th while taking guard over a pile of explosives that had been planted…

As 2013 begins to wrap itself up and the planning for this year’s “wilder-than-last-year” New Year’s Eve Party moves into the execution phase, many will reflect upon the events of the last 365 days. More specifically, people all around the world will ponder whether or not they were, in fact, able to finally accomplish whatever resolution they had previous put before themselves exactly one year ago. Some will look back and have feelings of achievement. Some (many) will look back in sadness and…

While researching data breach incidences within Universities and places of higher education, I stumbled upon the Privacy Rights Clearinghouse; an organization dedicated to consumer privacy and “raising awareness of how technology affects personal privacy”. According to the Privacy Rights Clearinghouse (www.privacyrights.org/data-breach/new), over 3,500 data breaches have been made public in US universities and educational institutions alone since 2005; equating to over 600,000,000 compromised…

I’m frequently asked why I think StealthAUDIT provides a better alternative to some other product on the market. The answer often comes down to the same core differentiators: StealthAUDIT takes a very different approach to other solutions on the market. While other products attempt to anticipate what reports you might need and package only those into a product set, the StealthAUDIT platform enables a flexible approach to answer virtually ANY question you have today or in the future. The SMP…

This is re-posted from an earlier post but seems as relevant as ever. If you’re thinking about monitoring Active Directory events, you’ll no doubt consider what’s involved in leveraging native event logging and how that relates to tools that are designed for AD event monitoring. In that context, below, we describe a few of the steps involved in setting up native event logging for Active Directory. Determine Which Events You Need First, you need to understand which events you need to keep trac…

It’s no secret that over the past decade, Active Directory has grown out of control across many organizations. It’s partly due to organizational mergers or disparate Active Directory domains that sprouted up over time, but you may find yourself looking at dozens or even hundreds of Active Directory domains and realize that it’s time to consolidate. And it probably feels overpowering. But despite the effort in front of you, there’s an easy way and a right way. Domain consolidation is not a si…

One of the most important things you can do to improve the security posture of your IT infrastructure is to provide in-depth monitoring of Active Directory. STEALTHbits provides numerous solutions to assist with monitoring numerous Active Directory security events. With deep visibility into administrative changes such as user account creations, group changes, and changes to Group Policy Objects (GPOs), STEALTHbits enables a complete audit trail with real-time alerts when high-risk activity ta…

You may have heard us discuss Active Directory domain consolidations or domain migrations in the past but there’s been significant recent progress in how we approach large consolidation projects. We call it Active Directory Unification and we’ve built new out of the box intelligence into our existing product set. It’s not just about getting from point A to point B. When you’re going domain consolidation ratio is in the neighborhood of 100:1 (or even 10:1), you’d better make sure you have deep…

GPOs are a bit of a strange beast. They exist in two worlds – the file system, and active directory – and they affect many more. Sort of like a platypus – a poisonous mammal that lays eggs and has a duck-bill, a beaver tail, and the feet of an otter – the GPO has the characteristics of both files and AD objects while affecting security, the registry, applications, and many other parts of your forest. And that makes it a tricky object to get a handle on. The AD portion of the GPO tracks versio…