ITDR and ISPM: The Best of Both Worlds
At first glance, Identity Threat Detection and Response (ITDR) and Identity Security Posture Management (ISPM) sound like two names for the same thing (because one thing we really need in cybersecurity is more acronyms). While they do share some similarities – like a keen eye for trouble – they each play a very specific role […]
Keeping Up with the Credentials: The Evolving Landscape of Ransomware in 2024
The first half of 2024 has seen some of the largest breaches in recent years. Their common denominator? Compromised credentials and lack of MFA. The most prominent breach to date is the Snowflake breach, which has continuously affected some major organizations since May. In this article, we’ll focus on some of the hardest hit organizations, […]
The End of an Era: Understanding the Security Risks of NTLM
In October 2023, Microsoft made a pivotal announcement that signaled the beginning of the end for NTLM, including all its versions. This decision, reiterated in June 2024, underscores Microsoft’s commitment to transitioning developers to more secure protocols, such as Kerberos via the Negotiate mechanism. With the deprecation process set to commence in early 2025 and […]
Shining the Spotlight on the Rising Risks of Non-Human Identities
Active Directory Service Accounts: A closer look at one of the most common NHIs and their role in lateral movement The security of Non-Human Identities (NHIs) is now top of mind for security stakeholders. But what exactly is a non-human identity, and how do they impact an organization’s cybersecurity posture? NHI is a broad term used […]
NTLM Deprecation is Giving Us XP EOL Flashbacks: Are You Protected?
Microsoft recently announced the deprecation of NTLM protocol for Windows client. This falls in line with Microsoft’s encouragement to move away from NTLM due to the security risks it introduces – and acts as a wakeup call that maintaining NTLM usage puts environments at high risk. We cannot overlook the striking resemblance between today’s NTLM deprecation […]
Identity Security Is the Key to Managing Manufacturers’ Supply Chain Cyber Risk
What’s the weakest link in a manufacturer’s security architecture? One of the common answers is ‘the one you can’t control’, with third-party access being the most prominent example. Supply chain attacks are one of the hardest challenges security teams struggle with, particularly for manufacturing companies that rely heavily on an ecosystem of external contractors. Their […]
Beyond Passwords: Why Trusting Password Hygiene Isn’t Enough
Let’s discuss passwords and identity security. By entering a password that only you know, you are in theory “proving” to a system that you are who you claim to be. They have been widely used in the IT/OT world for a very long time – arguably too long. To make passwords a little more […]
Navigating Retail: Overcoming the Top 3 Identity Security Challenges
As retailers compete in an increasingly competitive marketplace, they invest a great deal of resources in becoming household names. But brand recognition is a double-edged sword when it comes to cybersecurity. The bigger your name, the bigger the cyber target on your back. Data breaches in the retail sector cost an average of $3.28 million […]
Top 5 Evaluation Criteria For Choosing The Right ITDR Tool
Identity is now a top priority for security decision makers. The need to overcome malicious TTPs, such as credential access, privilege escalation and lateral movement, has never been more urgent. When over 80% of breaches involve the use of compromised credentials and ransomware attacks take down even the largest organizations, the price of neglecting identity […]