Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE
Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Blog >Uncategorized

Browsed By
Category: Uncategorized

Platypus

The File System, Active Directory, Real-Time Changes, and You

GPOs are a bit of a strange beast. They exist in two worlds – the file system, and active directory – and they affect many more. Sort of like a platypus – a poisonous mammal that lays eggs and has a duck-bill, a beaver tail, and the feet of an otter – the GPO has the characteristics of both files and AD objects while affecting security, the registry, applications, and many other parts of your forest. And that makes it a tricky object to get a handle on. The AD portion of the GPO tracks versio…

Timeless Information Technology (IT) Joke

LOST IN A HOT AIR BALLOON A man piloting a hot air balloon is hopelessly lost. He descends to a lower altitude and locates a man down on the ground. He lowers the balloon and shouts, “excuse me, can you tell me where I am?” The man below states, “yes, you’re in a hot air balloon, about 30 feet above this field.” “You must work in Information Technology,” said the balloonist. “Yes I do,” replies the man. “And how did you know that?” “Well,” says the balloonist, “what you told me i…
Fashion Show

Active Directory Security Modeling isn’t just for the beautiful!

Active Directory Security Modeling. Even as I type the phrase I note how ubiquitous the term can be. Not even TechNet or Google give any hard and fast rules around scope, design, or *gasp* actual implementation. Yet this ‘model’ is at the very core of AD, and AD is at the very core of the Microsoft IT footprint. So many aspects can go into a security model of this sort, right? You have at the core your OU structure, how it’s named, how it’s laid out. The associated group policy objects …

Dynamic Access Control

Windows 8/2012, DAC, and you TechEd has come and gone, but it seems we can’t quite shake off all the buzz. Some of the things that we saw at TechEd are still making us go “hmmmmmmm”. One of those things is Dynamic Access Control. At TechEd, Microsoft unveiled a new system of controlling access, and it’s both more powerful, and potentially more complicated than anything we’ve seen before. You can find a good primer here: https://technet.microsoft.com/en-us/video/dynamic-access-control-demo-wa…

AD Change Happens on DCs

Change Happens. Users come and go, their properties change, policy needs are revised, and groups have their memberships updated. Changes are made all over your organization, and they eventually find their way to your Domain Controllers where objects are modified and the changes replicate throughout your organization. Keeping tabs on all of these changes is a tricky proposition, but it’s our job to make it simple here at STEALTHbits. We all know that changes actually happen on DCs, and when t…
Magnify

File Share Entitlement Review: Finding the Owner

One thing top of mind for information security professionals is understanding who has access to what and being able to provide clear, concise reporting around it. We call it Access Governance or Data Governance and it consists of entitlement reviews, access reviews, or audit reporting. The terms overlap and the complete superset of product features around this challenge can seem overwhelming and difficult to comprehend. At STEALTHbits, we simplify things. We’ve developed quick-win solutions t…
Paper

Entitlement Reviews on Unstructured Data

Whether you’re already conducting entitlement reviews and are looking to bring unstructured data into the process or are just getting started and have concerns across your file systems and other unstructured data sources, STEALTHbits can help. Collection We’ve developed the fastest, most thorough, most flexible content scanners in the industry to collect and organize unstructured content from numerous sources. Our data collection architecture scales to support the world’s largest environments…
Server

Data & Access Governance for the Masses (of servers)

We’ve been building and perfecting our solution for data and access governance over the past few years and we’ve learned that two of the biggest considerations for data governance solutions are (1) Scalability and (2) Coverage. Scalability Scalability is critical. Any solution that attempts to scan a server will take some amount of time depending on how big the server is and how deep the scan goes. We can’t control the number of servers or the fact that scanners take time to work. A few thing…

Open File Shares: A Pragmatic Approach

A number of STEALTHbits’ customers have reported that their #1 audit challenge boils down to open file shares. Auditors are clearly concerned with access and while it’s difficult to understand access rights across millions of individual files, it’s immediately apparent when there are file shares that are open to anyone. But, how do you approach a problem that spans across thousands of servers? Do you implement a monitoring solution for three months? Manually sift through each one? Well, you …
Horatio

StealthINTERCEPT and CSI

So, in the “new and upcoming news” category, StealthINTERCEPT is due out shortly here at STEALTHbits. With a name like that, we’re not suprisingly referring to it as SI internally right now. And since I’m sitting up here in Canada going through some webpage design for the roll-out, I think of it as CSI. And then I get to thinking – CSI – well, it may not be bones and blood tests, but it’s sure useful for Corporate System Investigation. Some poor OU goes missing? Get CSI on the case. Got a bad…

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!


Loading

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL