We noticed a gap in cybersecurity research. Most threat reports available today go into great detail about malware, threat actors, and attack kill chains, but they include very little data on the identity gaps and weaknesses that play a part in almost every cyber attack. We decided to change that.
The Identity Underground is the first attempt to map out the most critical identity security weaknesses that lead to credential theft, privilege escalation or lateral movement — both on-prem and in the cloud. They aren’t vulnerabilities or attacks in themselves, but rather inherent weaknesses in identity infrastructure regularly used by threat actors in their attacks. As such, we decided to call these gaps Identity Threat Exposures (ITEs).
The data in this report is gathered from hundreds of live production environments. Our hope is that the Identity Underground can help identity and security teams benchmark their security programs and empower them to make informed decisions on where to invest in identity security.