Reducing Investigation Time: How to Quickly Parse True Positives

Posted by Eran Cohen on Aug 20, 2019 10:45:00 AM

In the world of security operations, quickly and accurately investigating security incidents is paramount. As a result, filtering out the non-consequential incidents from the consequential incidents helps reduce the investigative time for the security ops team.

Non-malicious True Positives pose the most headaches for SOC teams because they waste valuable time that could have been better spent investigating a malicious True Positive or even worse: a False Negative. However, it’s a highly manual process to parse non-malicious True Positives from the malicious. The process demands a significant amount of time, resources, and expertise from an already busy, overworked Security Ops team whose time is better used for consequential, high-impact tasks and projects.

Read More

Topics: Threat Mitigation, User Behavior, Adaptive Response, Identity Verification, Incident Response, Insider Threat, Adaptive Threat Prevention, Conditional Access

What's New in 3.1? New Dashboard, Exciting Integrations, and A Free Product!

Posted by Monnia Deng on Aug 7, 2019 10:50:42 AM

Preempt is happy to release version 3.1, available today! Included in the release are a brand new security assessment dashboard, exciting features offering more visibility and better password and network security, new technology partners and product integrations, and a free lightweight tool. Let’s delve into what you can expect with this release.

Read More

Topics: Adaptive Response, Threat Detection, continous monitoring, Adaptive Threat Prevention, Integration, Conditional Access, Security Efficiency, Ping

Security Weekly Interview: Securing Identity With Conditional Access

Posted by Monnia Deng on Jul 23, 2019 11:31:17 AM

Organizations often have incomplete views of who is accessing what, when, where and how across multiple applications and systems. Understanding a user and their behavior is critical to understanding corporate security risk. In an interview in Security Weekly's Business Security Weekly July 22 podcast, Preempt CEO Ajit Sancheti explains why organizations need to secure identity with conditional access, which allows security teams to take the appropriate remediation steps based on the level of risk.

Read More

Topics: Identity Verification, Incident Response, Insider Threat, Identity, Conditional Access

Empowering Employees to Reduce Security Incidents

Posted by Eran Cohen on Jul 2, 2019 11:15:00 AM

In the hustle and bustle of our modern world, we can all get easily lost in the noise. One kind of noise is most frustrating for security teams: the noise of security incidents. With more and more data feeds into your security analytics products, it seems like we are creating more problems for ourselves with the all of the alerts and not enough manpower. 

Read More

Topics: Adaptive Response, Multi-factor Authentication, Identity Verification, Credential Compromise, ueba, Incident Response, Threat Detection, Insider Threat, Conditional Access

Ping + Preempt: Securing All Access In Hybrid Cloud Environments

Posted by Monnia Deng on Jun 25, 2019 10:21:11 AM

Enterprises struggle to understand what is truly going on in their organization: what their users are doing and how to stop risky activity. Add in the complexity of a hybrid cloud environment, multiple legacy systems, unmanaged endpoints, and unsanctioned applications, and it's no wonder organizations struggle to get the insight needed to make real-time decisions and stop risky and potentially malicious activity. 

Preempt has always prioritized the need for contextual insight about threats and risk, using that information to enforce conditional MFA to every access attempt so that organizations can get a better grasp on security. In doing so, Preempt has partnered with Ping to give security teams the ability to extend conditional MFA to any network resource as well as any Ping-federated application on-premises or in the cloud.

Read More

Topics: Multi-factor Authentication, Cloud, Conditional Access, Ping

Brute Force Attacks: Denying the Attacker, Not the User

Posted by Heather Howland on May 13, 2019 9:39:49 AM

According to haveIbeenpwned.com, close to 8 billion accounts have been compromised. The site  provides a tool to see if any of your passwords have been compromised and are available on the dark-net. Once passwords are compromised, they are easily exposed to bad actors who can use them for brute force attacks and credential stuffing.

Read More

Topics: Privileged Users, password brute force, Credential Compromise, ueba, Incident Response, Threat Detection, Conditional Access

What State-Sponsored Attacks Can Teach Us About Conditional Access

Posted by Nir Yosha on May 3, 2019 11:52:00 AM

People often think that state-sponsored attacks from groups like Lazarus (North Korea), Fancy Bear (Russia) or menuPass (China) only target public federal organizations in Western nations like the U.S. This is simply not the case. In fact, attacks on large financial and retail institutions have increasingly been state-sponsored attacks hoping to create chaos more than just theft. These attacks largely come from U.S.-sanctioned states such as Iran, Russia and North Korea, as these hacking groups have come to realize that attacking private organizations can achieve the same goals as attacking public institutions.

Read More

Topics: Privileged Accounts, Credential Compromise, NTLM, Hacking, Ransomware, Lateral Movement, Attack Tools, Conditional Access

A Simplified Approach to Network Segmentation

Posted by Phil Meneses on Apr 25, 2019 10:59:31 AM

Network segmentation has long been one of the most valuable tools for protecting an enterprise’s assets. Flat, unsegmented networks architectures can allow nosey insiders to easily access sensitive information, while also enabling attackers to move laterally, escalate privileges and spread malware. Segmentation breaks the network into more logical segments and introduces new layers of control and the ability to apply tailored policies for each area.  

Read More

Topics: Conditional Access, Security Efficiency

CEO Interview: Today’s Threat Landscape Demands Conditional Access Everywhere

Posted by Matt Culbertson on Apr 15, 2019 1:46:05 PM

Today, too many organizations are approaching complex cybersecurity challenges by attempting to hire their way out of the problem while building disjointed and ineffective security implementations. In a recent interview with Security Weekly, Preempt CEO Ajit Sancheti explains what the modern threat landscape means for today’s enterprise security teams. His conversation with Paul Asadoorian, Founder and CEO of Security Weekly, also outlines how CISOs can use a Conditional Access security posture to address the challenges of the cybersecurity talent shortage and the unfortunate reality that most organizations can’t see or respond to malicious network activity in real-time.

Read More

Topics: Conditional Access