Security News
Semperis announced the general availability of Directory Services Protector 3.5, which includes DSP Intelligence, a new module that provides automated security assessments of Microsoft Active Directory. DSP Intelligence proactively uncovers dangerous vulnerabilities that arise from external threat actors, systemic weaknesses in default identity and access settings, and even internal configuration drift that leads to security regression.
Security firm Semperis built Purple Knight to make it easy for companies to patch holes in Active Directory security. "Any large organization that has had Active Directory deployed for a long time is going to have weaknesses in their security posture, which means that if attackers got in, they would find it easy to exploit these vulnerabilities," he said.
Microsoft Active Directory is ubiquitous across the corporate landscape and a perfect target for cyberattacks due to its popularity and importance. A single set of compromised credentials could potentially leave your enterprise's identity management infrastructure vulnerable, leading to a network security failure.
Attivo Networks announced the expansion of its Active Directory protection suite of products with a new and innovative way to discover and remediate exposures in Active Directory that could lead to breaches. Active Directory is a directory service used by over 90% of all enterprises for employee authentication, identity management and access control.
What is a service account? What special privileges does it have on local systems? What cybersecurity risks can relate to service accounts used in the environment? How can IT admins find weak or non-expiring passwords used in Active Directory for service accounts? As mentioned at the outset, specific Active Directory accounts serve different purposes in Active Directory Domain Services.
SpyCloud announced it has added a new password filter feature to SpyCloud Active Directory Guardian. SpyCloud Active Directory Guardian now automatically prevents employees from setting risky passwords using a password filter.
The product is the only Active Directory plugin to check credentials at installation and password creation, and continuously monitor for and detect compromised credentials. The automated tool screens passwords against the dynamic Enzoic database containing billions of exposed credentials.
Secondly, a given password might be somewhat easy to guess, despite existing password requirements. Password changes only occur via the user or Active Directory administrator.
Domain controllers, Active Directory, and servers are prime reconnaissance targets to hunt for additional privileged credentials and privileged access. 90 percent of organizations use Active Directory as their primary store for employee authentication, identity management, and access control in their on-premises environments.
How can organizations bolster the security of password resets for remote workers? One security workflow might involve having manager approval before IT helpdesk technicians can change a remote worker's password. How can password resets by department managers quickly be configured using built-in features in Active Directory?