A “dot” release has never packed a bigger punch!
The latest release of StealthAUDIT is all about what it should be; controlling and securing credentials and data.
Attackers – whether internal or external – are after at least one of these two things, but usually both. They continue to slip past the perimeter with relative ease, and once they do, operate undetected and largely unencumbered while they map out the environment and infect system after system like a digital cowbird.
These attackers rely on the fact that you don’t know what you don’t know. They know you don’t know (all) the accounts with privilege, where files containing sensitive data reside, or what normal behavior looks like for Bob from Accounting. They rely on the fact that it’s more than likely that most users and accounts have much more access than they need, that privileged accounts are being used in ways they shouldn’t, and if they can just phish one user, it’ll only be a matter of minutes or hours before they’re Domain Admins and steering the ship without anyone being the wiser.
But what THEY don’t know is that you have StealthAUDIT, and it’s not going to be that easy in YOUR environment. You’ll want to check out everything we’ve done in StealthAUDIT v7.2 to make life difficult for the bad guys, but here are a few highlights to get you excited:
- Super Discovery for your Super Users – In v7.2, we’ve added a whole new solution set designed to automate the discovery of privileged accounts across your Unix and Linux infrastructure (e.g. Sudo). Combined with the visibility StealthAUDIT already provides into Local Admin access across your Windows desktop and server infrastructure, users now have a one stop shop to understand all administrative access across the environment as a whole. Knowing which accounts are privileged means knowing which accounts need to be secured the most. Attackers are after privileged accounts, and you can’t protect them if you don’t know where they exist.
- A Full Nelson for your Sensitive Data – We’ve made a handful of great enhancements and additions to StealthAUDIT’s sensitive data capabilities in v7.2, from speed to usability. Most notable, however, is a new review workflow in the Access Information Center (AIC) to perform reviews specifically on sensitive data with your data owners. We find out where your sensitive data is, who owns it, and then what to do with it so we can lock it down – even get rid of it if it’s no longer needed. One of the best things any organization can do to mitigate the risk that sensitive data poses is to 1. Limit the number of people who have access to it, and 2. Limit the amount of it altogether. We’ll help you do both with this awesome new review type.
- Help for Hoarders – It’s so easy to just keep everything, but you’ve probably noticed the files are really starting to pile up. Not only is keeping all those files (70-80% of which you probably don’t need) really expensive, but it’s exposing your organization to a massive amount of risk. More files = More risk…it’s a simple equation. In v7.2 we’ve built an incredible new solution set and workflow to help you identify and remediate stale data. In beta trials, customers were astonished by the results and even calculated storage and management cost savings in the millions! Now that’s ROI you can quantify…
- Punishment for Bad Behavior – With so much going on at any given minute, how do organizations know where to focus their limited time and resources? Advances in User and Entity Behavior Analytics (UEBA) help to quiet the noise, which is why StealthAUDIT’s File System Suspicious Activity Report Set has been enhanced to incorporate six new threat models including Ransomware, Sensitive Data Activity, Stale File Activity, User Share Activity, Peer Group Activity, and Modified Binaries. The reporting provided by these new analyses enable users to alert upon statistically significant deviations from normal user activity, often indicative of advanced and insider threats to file system data.
Again, these are just the highlights and there’s so much more. We hope you enjoy using v7.2 as much as we’ve enjoyed building it!
Learn more about StealthAUDIT v7.2 here!
Don’t miss a post! Subscribe to The Insider Threat Security Blog here: