Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

I've been pentesting applications for nearly two decades now and throughout that time you get to see trends. One of these is the gradual adoption of Single Sign-On (SSO) in the corporate environment for lots of previously isolated applications. These applications would usually have their own user database and the users (the employees) would need to authenticate directly to them with specific 'local' credentials. With this setup comes varying password expiry times, complexity requirements, etc.

Privileged Access Management (PAM) is a crucial aspect of any organization's cybersecurity strategy, especially in industries that handle sensitive data, such as health care, finance and government. PAM involves implementing policies, procedures and tools to manage and monitor access to privileged accounts and limit the risk of unauthorized access or misuse. This ensures that only authorized personnel can access critical systems and data, reducing the chances of a security breach.

There are many cybersecurity threats privileged accounts face including phishing, insider threats, malware and brute force attacks. When privileged accounts aren’t managed or secured properly, all of an organization’s sensitive data is vulnerable to being successfully targeted by threat actors. Continue reading to learn how and why cybercriminals target privileged accounts and how organizations can keep their most critical accounts safe.

If an adversary manages to gain control of a privileged account in your network, you may face serious consequences, including costly data loss, prolonged downtime, customer churn, and legal and compliance penalties. This blog explains how to build an effective incident response plan that can help you minimize the damage from a breach.

In the past five years, Enterprise Attack Surfaces (EAS) have evolved significantly. EAS refer to the various entry points that cybercriminals can exploit to gain unauthorized access to an organization's digital assets. With the increasing use of cloud-based services, the proliferation of connected devices and the growing reliance on third-party vendors, attack surfaces have become broader, more numerous and more complex.

When it comes to securing Active Directory, the first place to start is usually getting a handle on what currently exists - getting a ‘lay of the land,’ so to speak. In Active Directory, the admincount attribute can play a role in identifying privileged accounts. It’s not without its faults, however. In this blog, we will explore the admincount attribute in more detail and potential uses it may have for determining which accounts may have or had privileged access.