Non-human identities, such as machine credentials and service accounts, are critical for modern cloud operations. But their rapid decentralized creation often leaves organizations vulnerable, said Steve Johnson, vice president - sales, east, Entro Security.
A directory service should be a "source of truth," said Justin Kohler, vice president of products at Spector Ops. But when users are overprivileged or misconfigurations occur, that creates attack hubs. Kohler discusses BloodHound, a solution he says is like Google Maps for Active Directory.
Adding former CIA Director Gen. David Petraeus to Semperis' strategic advisory board has given the identity vendor knowledge and insights into global threat activity, said CEO Mickey Bresman. Petraeus complements the firm's incident response arm company with perspectives on global threats.
Microsoft estimates that each day threat actors attack 95 million Active Directory accounts. In the face of so many attacks, security teams should assume compromise and focus not just on securing Active Directory but also on recovery and resilience, said Semperis' Simon Hodgkinson.
Cybersecurity vendors have gone all-in on reducing the cloud attack surface, but efforts to shrink the SaaS and identity attack surface remain in their infancy. Vectra has leveraged its artificial intelligence expertise to help triage and automate the alert response process, CEO Hitesh Sheth says.
The world's largest cybersecurity vendor continues to pull away from the competition. Microsoft's security sales surpassed $20 billion in 2022 after 33% annual growth. The cloud computing and software giant continues to reap the rewards of security tool consolidation.
CrowdStrike CEO George Kurtz says the size of the untapped opportunity around identity protection mirrors where the endpoint detection and response market was many years ago. The company saw over the last quarter a doubling of the number of customers subscribing to its identity protection module.
The recently discovered Russian-linked MagicWeb malware that exploits on-premises Microsoft Active Directory Federated Services servers to persist in compromised systems underscores the benefits of cloud-based infrastructure and a zero trust approach to architecture, security researchers say.
In the tit-for-tat world of advanced persistent threats, security measures set by Microsoft such as multifactor authentication are being met by Russian hacking group APT29 with circumvention techniques. Mandiant says it's seeing several new hacking methods by the group, also known as Cozy Bear.
ISMG caught up with 11 security executives in Las Vegas on Tuesday to discuss everything from open-source intelligence and Web3 security to training new security analysts and responding to directory attacks. Here's a look at some of the most interesting things we heard from industry leaders.
Microsoft plans to roll out new decentralized identity and cloud infrastructure entitlement management products to extend secure access from users to workloads and apps. Microsoft Entra Permissions Management will be available on a stand-alone basis in July, and Verified ID will debut in August.
Semperis has closed a Series C funding round to expand geographically and enhance identity protection and threat mitigation with AI and ML capabilities. The AD security provider plans to use the $200 million to expand into safeguarding additional cloud applications and cloud identity providers.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
Microsoft is urging customers to apply patches issued in November for two Active Directory domain controller bugs following publication of a proof-of-concept tool that leverages these bugs, which when chained can allow easy Windows domain takeover.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.