Cyber Defense eMagazine October Edition for 2021
Cyber Defense eMagazine October Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, International Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES #CYBERSECURITYAWARENESSMONTH
Cyber Defense eMagazine October Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, International Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES #CYBERSECURITYAWARENESSMONTH
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
It may sound like a lot, and, indeed, it isn’t always easy to keep track of all identities with so many of them<br />
in a typical network. Permission sprawl has become a major issue, but manually managing every identity<br />
would require superhuman abilities. Organizations need visibility into outdated and orphaned credentials<br />
or those with too many permissions. And the rise of remote work, cloud migrations, and DevOps practices<br />
have also made it essential <strong>for</strong> organizations to limit an attacker’s ability to obtain excessive rights and<br />
privileges. This task is too much <strong>for</strong> any individual—or even a team of individuals using traditional<br />
methods. Stopping today’s attackers requires having modern tools that deliver continuous and scalable<br />
monitoring <strong>for</strong> these exposures and signs of suspicious activity. Live attack detection is also a must have<br />
<strong>for</strong> derailing attacks on domain controllers that could lead to “game over” situations <strong>for</strong> defenders.<br />
Shrink the Attack Surface with Identity Security and Network Visibility<br />
Attackers are increasingly targeting exposed credentials and using them to move laterally within victim<br />
networks. There<strong>for</strong>e, defenders need visibility into not just those exposed credentials but the potential<br />
attack paths that intruders might take within the network. Visibility into cloud and network permissions<br />
over time is also critical, and limited permissions and effective permissions management can make it<br />
harder <strong>for</strong> attackers to misuse even valid credentials.<br />
With a complete view of identity risks and exposures, defenders can remediate potential vulnerabilities,<br />
including stored credentials, AD misconfigurations, overly permissive entitlements, and more. And with<br />
attackers increasingly willing to move laterally within networks in search of the most valuable targets,<br />
defenders must be able to identify and remediate vulnerabilities and detect attacks in progress in realtime.<br />
The attack landscape is constantly changing, and defenders need every tool in their arsenal to stay<br />
one step ahead of their adversaries.<br />
About the Author<br />
Carolyn Crandall is the Chief Security Advocate at Attivo Networks, the<br />
leader in preventing identity privilege escalation and detecting lateral<br />
movement attacks. She has worked in high-tech <strong>for</strong> over 30 years and<br />
has been recognized as a top 100 women in cybersecurity, a guest on<br />
Fox News, and profiled in the Mercury News. She is an active speaker<br />
on security innovation at CISO <strong>for</strong>ums, industry events, and technology<br />
education webinars. Carolyn contributes regularly to Dark Reading and<br />
SC Magazine, and co-authored the book Deception-Based Threat<br />
Detection: Shifting Power to the Defenders.<br />
Carolyn can be reached online at carolyn@attivonetworks.com and at our company website<br />
http://www.attivonetworks.com<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>October</strong> <strong>2021</strong> <strong>Edition</strong> 92<br />
Copyright © <strong>2021</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.