Netwrix and Stealthbits merge to better secure sensitive data. LEARN MORE

Honeytokens Provide StealthDEFEND Users a New Tool for Detecting and Preventing Active Directory Credential Theft in Version 2.1

July 24, 2019

HAWTHORNE, NJ–July 23, 2019 –Stealthbits Technologies, Inc., a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, today announced the release of StealthDEFEND 2.1, their real-time threat detection and response platform.

Commonly used and highly successful credential compromise techniques like Pass-the-Hash and Pass-the-Ticket are notoriously difficult to detect amidst the noise of everyday activities within Active Directory. To an observer, they appear to be legitimate authentication events, and to Active Directory, they are. However, the use of deception methods like honeypots have proven to be particularly effective in capturing less savvy or careless attackers at a minimum, allowing security practitioners to proactively detect and thwart attempts to compromise their credentials and the resources they provide access to.

In StealthDEFEND 2.1, users now have the ability to employ a useful and effective application of the honeypot concept within Active Directory domains using centrally managed honeytokens. Overcoming the manual hurdles and complexities administrators have had to deal with in the past when trying to leverage honeytokens, StealthDEFEND allows users to create, configure, deploy, and manage honeytokens in bulk and at scale. The result is the creation of a digital trip wire throughout an organization’s infrastructure, providing an early warning alert that allows security teams to respond quickly and with confidence. With reduced time to detection potentially earlier in the kill chain, organizations can dramatically mitigate the risks and impact of successful data breach outcomes.

“With Honeytokens, users will be able to inject fake credentials into system memory,” said Rod Simmons, VP of Product Strategy over Stealthbits’ Active Directory solution portfolio. He continued, “The level of configuration and customization we provide makes the honeytokens appear to be legitimate to an attacker, but will actually trigger an alarm if the attacker attempts to use or find information about the account. In combination with the other threat detection and response components of StealthDEFEND, Honeytokens flip the script on the attacker, enabling the ‘deceived’ to become the ‘deceivers’.”

Additionally, StealthDEFEND 2.1 provides users with multiple performance and functionality improvements, including:

  • AD Replication Permissions Threat Alerting
  • Improved Internal Product Audit Logging
  • AD Sync Enhancements
  • And more…

To learn more about StealthDEFEND 2.1, visit

About Stealthbits Technologies

Identify threats. Secure data. Reduce risk.

Stealthbits Technologies, Inc. is a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, we reduce security risk, fulfill compliance requirements, and decrease operations expense.

For more information, visit, email, or call +1-201-447-9300.

The Stealthbits logo and all other Stealthbits product or service names and slogans are registered trademarks or trademarks of Stealthbits Technologies, Inc. All other trademarks and registered trademarks are property of their respective owners.

# # #

Media Contact:

Dan Chmielewski
Madison Alexander PR
Office: +1 714-832-8716
Mobile: +1 949-231-2965

© 2021 Stealthbits Technologies, Inc.