Closing identity security gaps: How Ping Identity and Silverfort protect every access point
Scroll down to watch the webinar, or head over to YouTube.
Securing the Invisible Workforce: Best Practices for Service Account Protection with Silverfort
Unsichtbare Identitäten absichern: Best Practices für den Schutz von Service Accounts mit Silverfort
Unveiling NTLMv1 Vulnerabilities: Risks and Mitigation Strategies in Active Directory Environments
Despite Microsoft’s announcement of the deprecation of NTLMv1 due to its inherent security weaknesses, recent findings reveal that many organizations continue to be susceptible to NTLMv1-based attacks. A significant discovery by Silverfort’s research team highlights a misconfiguration in Active Directory Group Policy, which, despite intentions to disable NTLMv1, inadvertently permits its continued use. In this […]
From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook
Traditional incident response plans are no longer enough. Cybercriminals are relentlessly targeting identities, exploiting stolen credentials and weak access points to wreak havoc. While there’s a well-trodden path for handling malware and network breaches, the identity piece of the puzzle is often missing. Organizations lack the clear procedures to quickly identify compromised accounts and stop […]
Advantages and Limitations of MFA: Exploring Common Bypass Techniques and Security Counter Measures
One of the most common identity security controls recommended is to implement MFA for at least those with access to valuable data…if not for absolutely everyone in the organization. However, MFA most definitely isn’t a silver bullet. From simple social engineering methods like MFA prompt bombing or proxied logons – to advanced techniques designed to […]
Today’s Top 4 Identity Security Threat Exposures: Are You Vulnerable?
When it comes to identity protection, we often focus on what’s visible above the surface – the user accounts and configurations we’re familiar with. Armed with this understanding, we can develop and deploy defenses against identity threats. Yet, beneath this familiar landscape lies a concealed realm of Identity Threat Exposures (ITEs). These underground vulnerabilities encompass […]
Building an Incident Response Playbook Against Scattered Spider in Real-Time
In late 2023, the Scattered Spider threat group attacked the networks of several major financial and insurance entities, resulting in the largest and possibly the most impactful ransomware attack in recent memory. By gaining access to these networks through social engineering, the group bypassed multi-factor authentication (MFA) by attaining login credentials and one-time passwords. Silverfort’s […]
Identity Attack Surface Key Weakness Analysis Redux: Shifting from On-Prem to Cloud
It’s no surprise that modern cyberattacks are looking for ways to move laterally both within an on-premises environment, as well as over to an organization’s cloud-based services, applications, and resources. With most every environment leveraging some form of hybrid configuration, any identity credentials that are susceptible to hacking techniques provide an attacker with potentially unfettered […]