Steve Cochran, Founder & CEOPresenting for the sixth time in a row at the 2017 RSA Conference, STEALTHbits proudly exhibited two new products under the banner of its Active Directory suite. The two new products were StealthDEFEND—which detects abnormal credential usage behavior— and StealthRECOVER—an Active Directory (AD) rollback and recovery solution. The new additions came in right on cue, creating an ionized aura at the conference, where Active Directory security implications were the grapevine discussions of the day. According to Steve Cochran, CEO and Founder of STEALTHbits, AD is the target of nearly every attacker in every breach, since it stores a vast majority of credentials. Ironically, there is almost no one who can systematically handle such breaches and maintain the integrity of AD.
Seven minutes into the STEALTHbits Webinar Presentation, the lead Information Security Architect of a large hospital in the US MidWest asked for a Proof-of-Concept (POC) deployment at the hospital. As early as the second first week of the POC work session STEALTHbits’ StealthINTERCEPT became an eye-opener for the hospital management when an impressively creative analytics engine was turned on; it was specifically designed to detect “Horizontal Account Movement”, a common tool used by hackers to scope vulnerable accounts in a network and use it to propagate the network laterally till they find a window to move up the ladder and find more crucial points to attack. Within ten minutes an alert went off, turning their attention to a suspicious activity, later revealed to be a compromised ordinary admin account which was moving horizontally across their network, hoping to hook elevated credentials of the top level management—a hacker’s gold mine. The rest was history—blazing a trail in the way of threat detection and mitigation in the hospital’s data infrastructure network.
STEALTHbits bases its ground premise on the fact that data today is growing in an unstructured, unwieldy, and vulnerable way—hence their products lie at the eutectic point of data security and operations.
We need to rely on the technology solutions that are available today to prevent things like simple misconfigurations at the operating system level
STEALTHbits’ diverse suite of solutions caters to specific aspects of data security and amalgamates into a formidable rampart, both at the virtual perimeter, as well as between individual elements of the operational network. According to Cochran, security undertakings face major challenges primarily due to the treatment of the security system as an aloof and detached entity in the data infrastructure. He insists that the people at the operational level must be ingested into the security management process.
StealthINTERCEPT falls perfectly into place with the said gaping hole in enterprise data security infrastructure. It possesses a centralized ability to monitor and prevent any unwanted changes to the AD or behavioral patterns pointing directly at malware propagation and attempts at breaching resources, accounts, and credentials in real-time. What really places the jewel in the crown is StealthINTERCEPT’s tight integration with RSA Analytics— built-in and disruptive, in that it brings together the circumferential wall and the inter-department miscibility of data into one cohesive view, fed by streams of data from deep and difficult-to-track data points. The synergy between STEALTHbits and RSA extends to bring unstructured data entitlements to RSA’s Via Governance Platform, hence boosting the ROI on the RSA-ready STEALTHbits solutions. Now officially in its fourth iteration, StealthINTERCEPT boasts of an extensive set of features, including NTLM authentication and automatic file system blocking, exchange operation-level monitoring, and cognition of nested group membership changes, to name a few.