Cyber Defense eMagazine October Edition for 2021

It may sound like a lot, and, indeed, it isn’t always easy to keep track of all identities with so many of them
in a typical network. Permission sprawl has become a major issue, but manually managing every identity
would require superhuman abilities. Organizations need visibility into outdated and orphaned credentials
or those with too many permissions. And the rise of remote work, cloud migrations, and DevOps practices
have also made it essential for organizations to limit an attacker’s ability to obtain excessive rights and
privileges. This task is too much for any individual—or even a team of individuals using traditional
methods. Stopping today’s attackers requires having modern tools that deliver continuous and scalable
monitoring for these exposures and signs of suspicious activity. Live attack detection is also a must have
for derailing attacks on domain controllers that could lead to “game over” situations for defenders.
Shrink the Attack Surface with Identity Security and Network Visibility
Attackers are increasingly targeting exposed credentials and using them to move laterally within victim
networks. Therefore, defenders need visibility into not just those exposed credentials but the potential
attack paths that intruders might take within the network. Visibility into cloud and network permissions
over time is also critical, and limited permissions and effective permissions management can make it
harder for attackers to misuse even valid credentials.
With a complete view of identity risks and exposures, defenders can remediate potential vulnerabilities,
including stored credentials, AD misconfigurations, overly permissive entitlements, and more. And with
attackers increasingly willing to move laterally within networks in search of the most valuable targets,
defenders must be able to identify and remediate vulnerabilities and detect attacks in progress in realtime.
The attack landscape is constantly changing, and defenders need every tool in their arsenal to stay
one step ahead of their adversaries.
About the Author
Carolyn Crandall is the Chief Security Advocate at Attivo Networks, the
leader in preventing identity privilege escalation and detecting lateral
movement attacks. She has worked in high-tech for over 30 years and
has been recognized as a top 100 women in cybersecurity, a guest on
Fox News, and profiled in the Mercury News. She is an active speaker
on security innovation at CISO forums, industry events, and technology
education webinars. Carolyn contributes regularly to Dark Reading and
SC Magazine, and co-authored the book Deception-Based Threat
Detection: Shifting Power to the Defenders.
Carolyn can be reached online at carolyn@attivonetworks.com and at our company website
http://www.attivonetworks.com
Cyber Defense eMagazine – October 2021 Edition 92
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.