In June 2019, Microsoft released patches for two critical vulnerabilities that were discovered in it’s NT LAN Manager (NTLM) protocol suite affecting all versions. These vulnerabilities let attackers execute malicious code on any Windows machine remotely, or even authenticate to …
Find out which of your employees pose the greatest security risk
Among the different types of cyberattacks, insider threats are the hardest to track and have the highest rate of success. This can be attributed to their use, or rather misuse, of legitimate credentials, machines, and access privileges.
Traditional SIEM solutions …
Detecting first time processes on member servers to protect against attacks
In a previous blog, we saw how ADAudit Plus’ user behavior analytics (UBA) capabilities allow administrators to monitor user logon activity to identify compromised accounts. UBA in ADAudit Plus can also help you track any unusual process on member …
Monitoring user logon activity to identify compromised accounts
In a previous blog, we saw how ADAudit Plus’ user behavior analytics (UBA) capabilities allow administrators to monitor the file activity of users to identify anomalies. UBA in ADAudit Plus can also aid in identifying compromised accounts by monitoring …
Unmask malicious insiders with user behavior analytics
Insider threats are both the most successful way to exfiltrate sensitive business data and the hardest cyberattack to detect. This is because these attacks are carried out using legitimate credentials, machines, and access privileges. Simple perimeter defense or rule-based monitoring …
[Infographic]Three tips to simplify Active Directory compliance and auditing
In the previous blog of this series, “[Infographic] Still manually onboarding users into Active Directory? There’s a better way!“, we discussed the tips and tricks to onboard users into Active Directory. In this blog, let’s discuss what admins …
Quick tips to ensure your Azure AD is safe from threats
Being the gatekeeper of Microsoft’s cloud solutions, Azure AD comes with a wide range of default security measures; these include insights on risky sign-ins and user accounts that are susceptible to attacks. However, limitations in the native tool, like a …
Tracking insider threats with AI
If you thought masked hackers in dark rooms spreading malware were your only security concern, think again.
Malicious intent isn’t always the case in such incidents. Most of the time, it’s negligence or accidental disclosure of confidential data by employees …
Account lockout and management tools
Sometimes, when you get a call regarding a password reset, you can already guess who it’s from. Most organizations have one—that one employee who somehow manages to forget their password and gets locked out of their account more than everyone …