Introducing StealthAUDIT 11.5! Complete your cloud security puzzle. LEARN MORE
Stealthbits

INSIDER THREAT SECURITY BLOG

And other things that keep you up at night

Blog >Search

Featured Blog

Stealthbits Named Innovation Leader in New KuppingerCole Leadership Compass for PAM

The privileged access management (PAM) market is heating up! According to the 2020 KuppingerCole Leadership Compass for PAM there are roughly 40 vendors in the space with combined annual revenue of $2.2 billion, which is predicted to grow to $5.4 billion a year by 2025. This represents a compound annual growth rate (CAGR) of 20%. The takeaway: More and more organizations are looking to invest in the next generation of PAM solutions, which offer advantages over more traditional and now…

Migrating Azure Information Protection (AIP) Classic Labels to Unified Labels

Azure Information Protection (AIP) is Microsoft’s cloud-based solution for classifying and, optionally, protecting sensitive documents and emails in both cloud and on-prem environments. AIP is a powerful tool (that we’ve discussed before) that can automatically apply labels and encrypt files based on admin-defined rules, and even protect documents after they’ve left an organization’s network. Changes to AIP Administration AIP was released in 2016, however, the product received…
An Amazon Macie Alternative

An Amazon Macie Alternative

If you’re storing data in Amazon S3 (Simple Storage Service) buckets, it’s highly likely you’ve taken a look at Amazon Macie. If you’re new to the AWS ecosystem, Macie is a tool Amazon built to help S3 users discover, classify, and protect the sensitive data they store in their S3 instances. On a positive note, offering a tool like Macie is a good thing as Amazon S3 users have had their fair share of challenges keeping their buckets (and the data within them) out of harm’s way. The visibil…
Announcing StealthAUDIT 10.0 Mitigating Security Risks On-Premises and in the Cloud

Announcing StealthAUDIT 10.0 – Mitigating Security Risks On-Premises and in the Cloud

Let’s face it – security professionals struggle to keep up with and defend their organizations against the wide variety of tactics, techniques, and procedures (TTPs) attackers can use to infiltrate networks, elude detection, compromise credentials, and escalate privileges on their way to compromising enterprise data. Correspondingly, there is an ever-increasing number of storage platforms and repositories available to house the data security professionals need to protect, both on-premises and…
What is a Data Breach And How to Prevent One

What is a Data Breach and How to Prevent One

Data breach. There are fewer times that two simple words invoke so many fearful thoughts in the mind of a C-level executive. How did it happen? What was taken? What are we going to do? Who was responsible? There are many routes an organization may explore in terms of breach mitigation, but let us start at the beginning. This blog will cover some of the simple basics of a data breach – what it is, ways they are caused, etc. –  and some simple steps that an organization can …
Sensitive Data Discovery for Compliance

Sensitive Data Discovery for Compliance

The industrial revolution began in the late 18th century and revolutionized the manufacturing process; in a similar manner, the digital revolution happening now is fundamentally changing the way that organizations conduct business. The Digital revolution is all about the digital transformation of how business is conducted in today’s connected world. By migrating data from paper archives to the digital world, businesses can now integrate and utilize relevant data in our day-to-day lives. &nbsp…
Stealthbits Combines Ease of Use and Security for a Unique Approach to Privileged Access

Stealthbits Combines Ease of Use and Security for a Unique Approach to Privileged Access Management

Typically, security is improved at the expense of convenience. Two-factor Authentication disrupts a user for another authentication factor in addition to a password. Signing-in and getting a guest badge with the lobby security guard before meeting a prospective client may be secure but is not very convenient. I could drone-on with more examples, but you get the point.  Our latest release of Stealthbits Privileged Activity Manager® (SbP…
SMBv3 Vulnerability Explained

SMBv3 Vulnerability Explained

| Kevin Joyce | | Leave a Comment
SMBGhost What Happened? This week, Microsoft accidentally published information around a newly identified vulnerability in SMBv3, which is being dubbed SMBGhost. This vulnerability can lead to remote code execution on the server, which is always a major concern as far as the severity of vulnerabilities go. The version affected specifically is 3.1.1, which is a more recent version. They mention that this can be exploited from an unauthenticated attacker who sends a specially crafted pack…
Stealthbits ProTip

Protip: How to Setup User Activity & Database Logon Scans in StealthAUDIT for Oracle

StealthAUDIT for Oracle can monitor database user activity in all your Oracle databases. In addition, it can also enumerate and report on user permissions, database configuration, conduct a vulnerability assessment and can help you discover and report on sensitive data stored in your Oracle databases. StealthAUDIT Oracle activity monitoring can audit all types of database activity. Such as the type of SQL statement executed, changes to data, username, application, execution time, etc., Ste…
Ready for Microsoft’s LDAP Changes? What You Need to Know

Ready for Microsoft’s LDAP Changes? What You Need to Know

What is Changing? In March, Microsoft will be releasing a patch that includes new audit events, additional logging, and some changes to group policy settings. Later in 2020, Microsoft will be changing the behavior of the default values for LDAP channel binding and signing. They’re making these changes because the current default settings allow for a potential man-in-the-middle attack that can lead to privilege escalation. This means, once the default settings are changed, that any new doma…

Subscribe

DON’T MISS A POST. SUBSCRIBE TO THE BLOG!


Loading

© 2022 Stealthbits Technologies, Inc.

Start a Free Stealthbits Trial!

No risk. No obligation.

FREE TRIAL