Cyber Defense Magazine Special Annual Edition for RSA Conference 2021
Cyber Defense Magazine Special Annual Edition for RSA Conference 2021 - the INFOSEC community's largest, most popular cybersecurity event in the world. Hosted every year in beautiful and sunny San Francisco, California, USA. This year, post COVID-19, virtually with #RESILIENCE! In addition, we're in our 9th year of the prestigious Global InfoSec Awards. This is a must read source for all things infosec.
The downside of this approach is that reviewing logs can be very time-consuming to get right, and many SOC and SIEM instances do not ingest Active Directory and domain controller logs natively. These tools are also prone to generating false alerts that are noisy and tend to drown out the important ones. Perhaps the biggest challenge is that these tools are reactive and don’t proactively identify AD vulnerabilities that create risks related to credentials or domain access from endpoints. They are also not designed for live attack detection and will typically surface issues well after the event happens. This after-the-fact detection is similar to alerting on a car crash after it’s happened, which is, of course, not very helpful except for recovery efforts. Viewing logs can also miss critical attacks like password spraying, DCSync, DCShadow, and Golden Ticket or Silver Ticket attacks.

Attivo Networks has led the industry in providing efficient and accurate threat detection for credential theft and lateral movement activity. The company has continued to lead in innovation around credential and Active Directory protection. These include new ways to conceal credentials and AD objects from attackers, reveal attack paths, and deliver automated methods to find vulnerabilities in AD that create risk or demonstrate that a live attack is underway.

In 2020, Attivo announced ADSecure, which hides AD objects from attackers. In 2021, the company announced ADAssessor, which automatically completes over 200 exposure checks, identifies over 70 vulnerabilities, and continuously detects over 10 critical live attacks. These products create an unprecedented level of visibility and attack prevention that has simply not been seen in the market before. Some of the quotes from our early adopters include:

“When I found out about this, I was pretty shocked and a bit skeptical, but very excited with the outcome that, Hey, this actually solves a problem that I’ve been, been looking at for years and years and years.” – VP Information Security & IT Risk, Real Estate Equities Firm

“I haven’t seen a tool yet that provides this level of visibility in a way that’s so usable.” – VP Information Security & IT Risk, Real Estate Equities Firm

“We say that ADAssessor should be something everybody does because Active Directory is just so commonly abused by attackers.” – VP Information Security & IT Risk, Real Estate Equities Firm

“ADAssessor provides a necessary and critical visibility into directory services and is a key component to provide identity and directory assurance.” – CISO, Large Food Retailer

“A tool like ADAssessor is very great for understanding what are those hygiene changes that need to occur that I think you’ll see used for spotting changes.” – VP of IT infrastructure, Data Intelligence Firm