INSIDER THREAT SECURITY BLOG

LDAP Monitoring LDAP (Lightweight Directory Access Protocol) is an application protocol for querying and modifying items in directory service providers like Active Directory (AD). AD, by contrast, is a directory services database, and LDAP is one of the protocols you can use to talk to it. Because Microsoft provides no easy way to monitor LDAP queries, to see the query that was issued and where it came from, insider threat actors can leverage this blind spot to perform reconnaissance activit…

In part one we looked at the questions organisations must address when dealing with DSARs (Data Subject Access Request). Simple questions, but in reality, tricky or virtually impossible to answer depending on the size and complexity of your data infrastructure. That said, they’re actually the core premise of Data and Access Governance. What is Data Access Governance (DAG)? DAG is best described as ‘Governing who has access to what’. It’s giving the right people access to the right data…

It comes as a surprise to no one that information security pros have strong opinions. So each year STEALTHbits puts out their floor survey and the results come pouring in. 2017 was no exception. We’re excited to announce the “5 Trends for Security Professionals”, which you can get here. This year’s report breaks down 5 trends we saw in the responses and attempts to connect those to the larger threads of thought in the security world today. I won’t steal all the thunder here, but I will give y…

Part 1: Understand the Basic Requirements of GDPR Despite the GDPR being marked as a clearer to understand regulation, it’s still a mine field of legal and compliance requirements, interpretations and uncertainty. The purpose of this blog series is to help you understand the fundamental requirements of GDPR by peeling back the layers of legality, bureaucracy and spin. The Numbers It’s safe to say that the numbers have stolen all of the GDPR headlines: 4% of global revenue or €20m fines …

Shifting the Focus of the Cybersecurity Discussion First, if you have not yet read Joel Brenner’s report, “Keeping America Safe: Toward More Secure Networks for Critical Sectors,” written for the MIT Center for International Studies and the MIT Internet Policy Research Initiative, then you should open another tab right now and go do that. Don’t worry. We’ll wait. The report is not so interesting for breaking new ground, but rather for shifting the focus of the cybersecurity conversation in a…

Staying in lockstep with today’s threats Today we announce the release of StealthINTERCEPT 4.1, the latest iteration of our Real-time Change and Access Auditing solution. For many organizations, monitoring and auditing of their Active Directory (AD), File Systems, and Exchange environments continues to be a challenging endeavor due to the complexity of configuration and overall performance concerns associated with native auditing. Today’s threats continue to evolve in sophistication and spee…

If you’re responsible for the management and security of an Active Directory (AD) or Windows infrastructure, you already know you’ve got a tough job.  And with thousands of configurations and potential conditions to worry about across dozens of AD and Operating System (OS) versions, where do you even begin an effort to address your most at-risk conditions?  What are they to begin with?  If you’re at a loss, I’d suggest you start right here… Below I’ve listed 10 checks you can perform to high…

It is that time of year again, time to get our bags packed and head to San Francisco for the RSA Conference. This year’s theme is the Power of Opportunity–which is a fitting theme for most security companies as they move toward partnerships that benefit end users. As a cybersecurity company that focuses on credentials and data, we thought it would be helpful to select a top 10 list of data security sessions for you to attend while at RSA. Don’t forget to also visit us in the North Hall, Bo…