Netwrix Enterprise Auditor (formerly StealthAUDIT) 11.6 has been released LEARN MORE
Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Blog >Search

Featured Blog

What is a Data Breach And How to Prevent One

What is a Data Breach and How to Prevent One

Data breach. There are fewer times that two simple words invoke so many fearful thoughts in the mind of a C-level executive. How did it happen? What was taken? What are we going to do? Who was responsible? There are many routes an organization may explore in terms of breach mitigation, but let us start at the beginning. This blog will cover some of the simple basics of a data breach – what it is, ways they are caused, etc. –  and some simple steps that an organization can …
Sensitive Data Discovery for Compliance

Sensitive Data Discovery for Compliance

The industrial revolution began in the late 18th century and revolutionized the manufacturing process; in a similar manner, the digital revolution happening now is fundamentally changing the way that organizations conduct business. The Digital revolution is all about the digital transformation of how business is conducted in today’s connected world. By migrating data from paper archives to the digital world, businesses can now integrate and utilize relevant data in our day-to-day lives. &nbsp…
Stealthbits Combines Ease of Use and Security for a Unique Approach to Privileged Access

Stealthbits Combines Ease of Use and Security for a Unique Approach to Privileged Access Management

Typically, security is improved at the expense of convenience. Two-factor Authentication disrupts a user for another authentication factor in addition to a password. Signing-in and getting a guest badge with the lobby security guard before meeting a prospective client may be secure but is not very convenient. I could drone-on with more examples, but you get the point.  Our latest release of Stealthbits Privileged Activity Manager® (SbP…
Stealthbits ProTip

Protip: How to Setup User Activity & Database Logon Scans in StealthAUDIT for Oracle

StealthAUDIT for Oracle can monitor database user activity in all your Oracle databases. In addition, it can also enumerate and report on user permissions, database configuration, conduct a vulnerability assessment and can help you discover and report on sensitive data stored in your Oracle databases. StealthAUDIT Oracle activity monitoring can audit all types of database activity. Such as the type of SQL statement executed, changes to data, username, application, execution time, etc., Ste…
Ready for Microsoft’s LDAP Changes? What You Need to Know

Ready for Microsoft’s LDAP Changes? What You Need to Know

What is Changing? In March, Microsoft will be releasing a patch that includes new audit events, additional logging, and some changes to group policy settings. Later in 2020, Microsoft will be changing the behavior of the default values for LDAP channel binding and signing. They’re making these changes because the current default settings allow for a potential man-in-the-middle attack that can lead to privilege escalation. This means, once the default settings are changed, that any new doma…
What is a Data Breach And How to Prevent One

What is a Ransomware Attack?

| Todd Kovalsky | | Leave a Comment
Million-dollar ransomware payouts, government protection, and ease of access will continue to fuel the growth of cybercrime. Imagine coming to work and turning on the computer only to see a message that says “repairing file system on C:” or “oops, your important files are encrypted” demanding a payment in bitcoin to decrypt them. A typical message displayed during a Ransomware attack When you read the headlines of six-figure ransomware payouts, you might begin to wonder how hacker g…
Best Practices for Storage Reclamation – Part 3 of 3

Best Practices for Storage Reclamation – Part 3 of 3

In parts 1 and 2 of this blog series, we introduced the key elements of a storage reclamation program and dove deeply into 5 key capabilities that would be needed.  In this last blog, we pull all of the guidance together and wrap up the discussion. Putting It All Together With the five key capabilities addressed in the earlier blogs, any organization can be prepared to put together a comprehensive file cleanup workflow.  While no two organizations are alike, a cleanup campaign…

Best Practices for Storage Reclamation – Part 2 of 3

In part 1 of this series, we explained that there are 5 key capabilities needed for a successful file cleanup project, and discussed Capability 1 – File Discovery, and 2 – Sensitive data discovery.  In this second blog we pick up the discussion with Capability 3 – Activity and File Usage. Capability 3 – Activity and File Usage Understanding who is actively using files on file servers can offer tremendous insight into how to approach a cleanup effort.  By monitoring activity, i…

Microsoft LDAP Channel Binding and Signing Patch

Discovery Solution for Microsoft’s March 2020 Update Lightweight Directory Access Protocol (LDAP) – How did we get here? 20 years ago, I embarked on the fantastical journey that was migrating from NT4 to Active Directory. This is also when I began learning the power of LDAP. While it was technically available, very few companies implemented secure LDAP in the early days. Most enterprise applications or internal applications took advantage of the directory (and in a wide variety of ways)…
Best Practices for Storage Reclamation – Part 1 of 3

Best Practices for Storage Reclamation – Part 1 of 3

Data Access Governance (DAG) has many different types of use cases, with most falling into three main categories: data security, regulatory compliance, and operational efficiency.  There has been a lot written about security due to the increasing frequency of ransomware attacks, and a lot is being written about compliance, most recently around privacy – but we haven’t talked much about the operational efficiency use case. A good DAG program allows organizations to manage more data wit…

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!


Loading

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL