StealthDEFEND 2.2 – Blocking Threats without an Army of Analysts
Data Breaches continue to rise 30-40% every year and attackers continue to advance their techniques to infiltrate organizations exploiting vulnerabilities to gain access to sensitive data. Organizations concerned about data breaches and the rising costs to remediate them, need advanced solutions to identify and combat these ever-increasing attacks.
As attacks increasingly occur, organizations are struggling
to find sufficient security talent:
“Nearly Half of Organizations Lack the Neces…
ProTip: Exciting New StealthDEFEND Functionality Available with the Release of Version 2.2 on November 5, 2019
Stealthbits is very excited to share a sneak peek of some of the enhancements available with the launch of StealthDEFEND 2.2, scheduled for November 5, 2019.
The fact remains – organizations concerned about data
breaches and the rising costs to remediate them, need advanced solutions to not
only quickly identify, but automatically respond to an ever-increasing barrage
of attacks and breaches.
Please continue reading to review technical tips and
aligning video tutorials of how StealthDE…
Advanced Data Security Features for Azure SQL- Part 3: Advanced Threat Protection
In my last blog post, we took a look at the Vulnerability Assessment within the Advanced Data Security (ADS) offering for Azure SQL. In my final blog post of the series, we will take a deep dive into the Advanced Threat Protection features.
VIEW PART 1 HERE
VIEW PART 2 HERE
Advanced Threat Protection for Azure SQL Databases provides administrators with immediate visibility into potential threats such as suspicious database activities, potential vulnerabilities, SQL injection attacks…
Top Five Ways You End Up With Open Shares: Part 2
In the first post of this series, we explored two ways you can end up with dangerous open shares. Open shares are essentially folders that everyone in your company can access. Sharing what is in those folders isn’t a threat by itself, but securing those documents can be tough. In this post, we’ll discuss three equally important, but less common ways to end up with dangerous open shares.
Learn more about open shares here.
Reason 3: End Users Are Given Full Control and Grant Anyone Who As…
Protip: How to Use the Stealthbits Privileged Activity Manager for Delegated Access to Active Directory
Oftentimes,
helpdesk operators are given access to accounts with privileges covering a
broad range of tasks.
A better
approach is to apply delegated permissions for the specific task in hand, and
then to remove those privileges once the action has been completed.
Stealthbits Privileged Activity Manager (SbPAM) can allow AD rights to be dynamically added to a helpdesk operator account at the point it is required. To do this you will need to create a new Activity.
Step 1) Create a new…
Top Five Ways You End Up With Open Shares: Part 1
Open shares are evil. Sure, there are cases you may need a read-only share open to everyone in the organization. How else will they grab benefits forms or company calendars to print and hang in their cubes? But it’s amazing how often those simple use cases grow into ugly messes. All it takes is one person with the right (or wrong) rights to add write access to that same share, and you have a huge problem.
Learn more about open shares here.
The root of the problem comes from something y…
Pragmatic Data Security Best Practices: Part 2
The last post, we started discussing the importance of protecting Active Directory and your unstructured data. Today, we’ll continue our discussion with the next three data security best practices to ensure the security of your data.
Pragmatic
Data Security Best Practice #2: Monitor Activity
Monitoring activity is an essential capability, but be
careful not to bite off more than you can chew. The best way to make effective
use of your monitoring efforts is to focus on specific scenarios…
Setup, Configuration, and Task Execution with Covenant: The Complete Guide
In this blog post, we are taking a deeper dive into Covenant. Covenant is one of the
latest and greatest Command and Control (C2) Post Exploitation Frameworks which
I covered in In my previous
blog post. In that post, we discussed
Covenant on a high level but now let’s go through the process of configuring
and using Covenant to execute payloads on compromised hosts.
NOTE: This post demonstrates the capabilities of
Covenant in Mid-September 2019.
Getting Setup and Starting Covenant
T…
Pragmatic Data Security Best Practices: Part 1
Data security is a major issue for any company that has valuable information to protect. Breaches of that data can cost an organization dearly in the form of business disruption, loss of revenue, fines, lawsuits, and perhaps worst of all, the loss of trust between the organization and its customers and partners. But the challenge of securing all that data is daunting. It’s easy to lose sight of the fact that some small changes can have a major impact. Just as a journey of a thousand miles sta…
Protecting Against DCShadow
What Organizations Can Do to Stop a DCShadow Attack
Recently, I came across a post outlining how companies CANNOT effectively defend against a DCShadow attack but instead need to take a reactive approach to identify when it may have occurred by monitoring their environment, and rolling back any unwanted changes once they were identified. Unfortunately, reacting to an incident could mean the damage is already done and a malicious actor has run off with the ‘keys to the kingdom’. The best co…
