Directory services

Semperis Launches Active Directory Security Halftime Report to Spotlight Gaps in Securing Hybrid Identity Systems  

Retrieved on: 
Wednesday, August 4, 2021
Software, Technology, Security, Computer security, Cybercrime, Computing, Data security, Identity management, Directory services, Identity-management system, Active Directory, Cyberattack, Directory service, Security convergence

Against a backdrop of these escalating identity-related cyberattacks, the Active Directory Security Halftime Report highlights the essential areas of focus for identity and access management (IAM) teams, security teams, and CISOs responsible for guarding organizations identity systems.

Key Points: 
  • Against a backdrop of these escalating identity-related cyberattacks, the Active Directory Security Halftime Report highlights the essential areas of focus for identity and access management (IAM) teams, security teams, and CISOs responsible for guarding organizations identity systems.
  • With an emphasis on fast-track skills-building for identity and security professionals, the Active Directory Security Halftime Report consolidates:
    Practical guidelines for hardening AD security by closing common gaps that can be uncovered with the free security assessment tool Purple Knight , built by Semperis identity and access management (IAM) experts;
    New perspectives on building a cyber-resilient organization by breaking down siloes between identity and security teams;
    Tips for managing security in increasingly complex hybrid identity systems, particularly across on-premises Active Directory and Azure Active Directory environments; and
    Trends in cybercriminals tactics for compromising identity systems, as highlighted in the monthly Semperis Identity Attack Watch series.
  • The Active Directory Security Halftime Report, available at https://pages.semperis.com/2021-ad-security-halftime-report/ , will be updated on a periodic basis to serve as a timely, concise index of resources for organizations that have prioritized hardening their Active Directory and Azure Active Directory defenses against escalating cyberattacks.
  • Purpose-built for securing Active Directory, Semperis patented technology protects over 40 million identities from cyberattacks, data breaches, and operational errors.

Tenable Helps Organizations Disrupt Attacks with New Active Directory Security Readiness Checks

Retrieved on: 
Thursday, July 29, 2021
Computer access control, Computer security, Directory services, Cryptography, French Revolution, Directory service, Authentication, Active Directory, Nessus, French Directory

Bad actors have set their sights on the one system that connects everything on the corporate network-- from cloud, web apps, traditional IT and operational technology (OT): Active Directory. According to Frost & Sullivan, 90 percent of the Fortune 1000 use Active Directory as their primary method for authentication and authorization. Active Directory is almost always the first target for bad actors once they gain a foothold in the enterprise. The Solarwinds hack and a string of high-profile ransomware attacks that crippled critical infrastructure have highlighted the critical role that Active Directory plays in enterprise security and the problems which can occur if not expertly configured, audited and monitored for high-risk activities.

Key Points: 
  • These checks leverage Tenables expertise in securing Active Directory environments through Tenable.ad and are available immediately for existing customers at no extra charge.
  • According to Frost & Sullivan , 90 percent of the Fortune 1000 use Active Directory as their primary method for authentication and authorization.
  • Active Directory is almost always the first target for bad actors once they gain a foothold in the enterprise.
  • The Active Directory Security Readiness Checks are now generally available in Tenable.sc, Tenable.io, Tenable.ep, Nessus Professional and Nessus Essentials.

Banyan Security Expands Secure Access to Hybrid Environments With Microsoft Azure Active Directory

Retrieved on: 
Tuesday, May 25, 2021
Cloud computing, Computing, IT infrastructure, Cloud infrastructure, Directory services, Cloud storage, Microsoft Azure, Active Directory

SAN FRANCISCO, May 25, 2021 (GLOBE NEWSWIRE) -- Banyan Security today announced an integration between Banyan Security Zero Trust Remote Access and Microsoft Azure Active Directory (Azure AD), bringing zero trust access controls to users by becoming a secure hybrid access partner.

Key Points: 
  • SAN FRANCISCO, May 25, 2021 (GLOBE NEWSWIRE) -- Banyan Security today announced an integration between Banyan Security Zero Trust Remote Access and Microsoft Azure Active Directory (Azure AD), bringing zero trust access controls to users by becoming a secure hybrid access partner.
  • With Banyan Security, Microsoft Azure Active Directory customers now have another option to protect their infrastructure with a zero trust approach, said Sue Bohn, partner director, Microsoft Identity at Microsoft.
  • Banyan Securitys integration with Azure AD extends zero trust access controls to all types of resources, making it easier to stay secure in the hybrid work environment.
  • Banyan Security Zero Trust Remote Access integration is now available in the Azure AD app gallery.

Semperis Debuts Vigilance Channel Program, Addressing Urgent Need for Next Generation Active Directory Security Solutions

Retrieved on: 
Thursday, April 8, 2021
Technology, Internet, Data management, Security, Data security, Computing, Security, Directory services, Computer network security, Physical security, Security convergence, Computer security, Active Directory

Semperis , the pioneer of identity-driven cyber resilience for enterprises, today announced its Vigilance Channel Program to help global resellers and distributors accommodate the urgent need for security solutions that address Active Directory (AD) challenges.

Key Points: 
  • Semperis , the pioneer of identity-driven cyber resilience for enterprises, today announced its Vigilance Channel Program to help global resellers and distributors accommodate the urgent need for security solutions that address Active Directory (AD) challenges.
  • Spanning partners in 15 countries, Semperis channel relationships are led by security software industry veteran Richard (Ric) A.
  • We are delighted to be partnering with Semperis in delivering new, innovative solutions to secure and monitor Active Directory, said Andy Taylor, Principal Consultant with Identity Experts , a UK-based identity and security consultancy.
  • Purpose-built for securing Active Directory, Semperis patented technology protects over 40 million identities from cyberattacks, data breaches, and operational errors.

Lightspin Security Research Team Reveals AWS Identity and Access Management Vulnerable to Abuse

Retrieved on: 
Wednesday, March 24, 2021
Computing, Cloud computing, Cloud infrastructure, Directory services, Technology, Active Directory, Windows, Amazon Web Services

The research team was able to compromise dozens of accounts by using this technique.

Key Points: 
  • The research team was able to compromise dozens of accounts by using this technique.
  • "However, upon further investigation, we found that in many cases, users could perform actions that system administrators believed were denied when they configured group security configurations.
  • Lightspin researchers discovered that many security administrators were unaware that AWS IAM rules do not work the same way as Azure Active Directory or other authorization mechanisms.
  • While defining Active Directory Azure policies, if a group is denied read access to the file, all group members cannot access it.

Lightspin Security Research Team Reveals AWS Identity and Access Management Vulnerable to Abuse

Retrieved on: 
Wednesday, March 24, 2021
Computing, Cloud computing, Cloud infrastructure, Directory services, Technology, Active Directory, Windows, Amazon Web Services

The research team was able to compromise dozens of accounts by using this technique.

Key Points: 
  • The research team was able to compromise dozens of accounts by using this technique.
  • "However, upon further investigation, we found that in many cases, users could perform actions that system administrators believed were denied when they configured group security configurations.
  • Lightspin researchers discovered that many security administrators were unaware that AWS IAM rules do not work the same way as Azure Active Directory or other authorization mechanisms.
  • While defining Active Directory Azure policies, if a group is denied read access to the file, all group members cannot access it.

Attivo Networks® Announces Continuous Assessment and Enforcement of Privileged Access

Retrieved on: 
Wednesday, March 3, 2021
Software, Technology, Security, Computer access control, Computer security, Data security, Computing, Directory services, Computer network security, Cybercrime, Malware, Active Directory, Authentication, Directory service

Active Directory is a directory service used by over 90% of all enterprises for employee authentication, identity management and access control.

Key Points: 
  • Active Directory is a directory service used by over 90% of all enterprises for employee authentication, identity management and access control.
  • It is notoriously complex to secure, with attackers using privileged access, which AD controls, in over 80% of all attacks.
  • The consequences can be dire when an attacker uses Active Directory to compromise all critical resources and identities gaining access to key applications, data and tampers with security policies, said Srikant Vissamsetti, senior vice president of engineering at Attivo Networks.
  • We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.

SteelCloud Awarded Patent for Microsoft Active Directory Compliance Synchronization

Retrieved on: 
Tuesday, January 5, 2021
Directory services, Microsoft software, Active Directory, Windows, Group Policy, System software, Computing

ASHBURN, Va., Jan. 5, 2021 /PRNewswire/ -- SteelCloud LLC, a STIG and CIS compliance automation software developer, announced today that the USPTO has awarded it patent 10,880,171, for "Group Policy Object Update Compliance and Synchronization."

Key Points: 
  • ASHBURN, Va., Jan. 5, 2021 /PRNewswire/ -- SteelCloud LLC, a STIG and CIS compliance automation software developer, announced today that the USPTO has awarded it patent 10,880,171, for "Group Policy Object Update Compliance and Synchronization."
  • SteelCloud's automation identifies controls on every endpoint, where the customer's implementation of Microsoft's Active Directory Group Policy Objects (GPOs) is enforcing non-compliant policies.
  • GPO conflict synchronization allows ConfigOS customers to automate compliance and effectively flatten and simplify their implementation of Microsoft's Active Directory."
  • ConfigOS addresses Microsoft Windows workstation and server operating systems, SQL Server, IIS, IE, Chrome, and all of the Microsoft Office components.

QuantaStor 5.8 Released with Automated Reporting, Zero-Touch Maintenance, and Single Sign-On with LDAP

Retrieved on: 
Tuesday, November 24, 2020
Directory services, Computer access control, Computing, Computer networking, OpenLDAP, Active Directory, Directory service, Lightweight Directory Access Protocol, Single sign-on, Apple Open Directory, Oracle Identity Management

QuantaStor 5.8 includes new automation features around zero-touch maintenance, single sign-on security features, and automated reporting capabilities for monitoring storage grids and grid health.

Key Points: 
  • QuantaStor 5.8 includes new automation features around zero-touch maintenance, single sign-on security features, and automated reporting capabilities for monitoring storage grids and grid health.
  • "Simplifying storage management has been our main goal with QuantaStor since the beginning and we are happy to further that with this release."
  • Zero-Touch Maintenance - QuantaStor now fully automates the management operations to bring a system to full health after replacing bad media.
  • Single Sign-On with LDAP & Active Directory - QuantaStor's security system has been enhanced to support single sign-on authentication of management users via Active Directory and OpenLDAP.

PanTerra Announces Additional Enterprise Feature Enhancements for Streams

Retrieved on: 
Tuesday, October 6, 2020
Directory services, Computer access control, Directory service, Active Directory, Computing, Computer networking, Operating systems

The Streams Extension for Microsoft Teams integrates the Streams secure communications infrastructure within the Teams user interface allowing seamless Click-to-Call from any device.

Key Points: 
  • The Streams Extension for Microsoft Teams integrates the Streams secure communications infrastructure within the Teams user interface allowing seamless Click-to-Call from any device.
  • PanTerra also introduces standard Active Directory for Streams that can be used to provision new Streams users based on Active Directory user and groups and sync data between Active Directory and Streams for users and groups.
  • Arthur continued, With Microsoft Teams and Active Directory integration as well as enterprise group faxing, Streams continues to deliver solutions for our customers.
  • Let Streams and PanTerra bring out the best in your enterprise.