When it comes to identity protection, what lies above the ground are the user accounts and configurations we’re aware of, for which we can design and implement defenses.

But below the known identity attack surface exists an underground world of Identity Threat Exposures (ITEs): misconfigurations, forgotten user accounts, legacy settings, and insecure built-in features. These ITEs are attackers’ inside collaborators, offering an easy path to access credentials, escalate privileges, and move laterally, both on-prem and in the cloud.

The Identity Underground is the first ever threat report 100% focused on the prevalence of identity security gaps – using Silverfort’s own proprietary data. The goal of this report is to provide you with insight into the identity security weaknesses you may not be aware of and empower you to make informed decisions on where to invest in identity security.

Highlights of this report include:

  • 67% of organizations expose their SaaS apps to compromise with insecure on-prem password sync.
  • 37% of all user accounts authenticate via the weakly encrypted NTLM protocol, providing attackers easy access to cleartext passwords.
  • 1 AD misconfiguration = 109 new shadow admins (on average).
  • 31% of user accounts are service accounts – yet only 20% of companies are confident they can protect service accounts.
  • And more

Discover the most common identity security gaps that lead to compromise

Silverfort allows Huntsville Hospital to enforce MFA on our privileged access accounts and has enabled us to secure our service accounts within our active directory environment.

Rick Corn
Play video

Anyone who’s serious about cybersecurity has to have MFA on any critical operation these days or they’re really not protecting themselves in the way they should.

Tom Parker
Play Video

Silverfort is the only solution that can prevent ransomware attacks by enforcing MFA on the command-line access tools these attacks use to propagate in the network.

Billy Chen
Play video

Silverfort protects our user accounts with MFA, it protects our service accounts, our on-prem apps, our Active Directory and also our custom apps.

Jim Nonn
Play video

Identity-based attacks are really important to us. Silverfort’s end-to-end risk-based authentication enables us to respond efficiently and in a timely manner.

Rusdi Rachim
Play video