Empowering Employees to Reduce Security Incidents

Posted by Eran Cohen on Jul 2, 2019 11:15:00 AM

In the hustle and bustle of our modern world, we can all get easily lost in the noise. One kind of noise is most frustrating for security teams: the noise of security incidents. With more and more data feeds into your security analytics products, it seems like we are creating more problems for ourselves with the all of the alerts and not enough manpower. 

Read More

Topics: Adaptive Response, Multi-factor Authentication, Identity Verification, Credential Compromise, ueba, Incident Response, Threat Detection, Insider Threat, Conditional Access

Ping + Preempt: Securing All Access In Hybrid Cloud Environments

Posted by Monnia Deng on Jun 25, 2019 10:21:11 AM

Enterprises struggle to understand what is truly going on in their organization: what their users are doing and how to stop risky activity. Add in the complexity of a hybrid cloud environment, multiple legacy systems, unmanaged endpoints, and unsanctioned applications, and it's no wonder organizations struggle to get the insight needed to make real-time decisions and stop risky and potentially malicious activity. 

Preempt has always prioritized the need for contextual insight about threats and risk, using that information to enforce conditional MFA to every access attempt so that organizations can get a better grasp on security. In doing so, Preempt has partnered with Ping to give security teams the ability to extend conditional MFA to any network resource as well as any Ping-federated application on-premises or in the cloud.

Read More

Topics: Multi-factor Authentication, Cloud, Conditional Access, Ping

Conditional Access Establishes Trust In the Network

Posted by Heather Howland on Mar 15, 2019 9:46:16 AM

Stolen or compromised credentials pose well-known risks to organizations and their employees. And as hackers and other malicious actors become more advanced and sophisticated in their techniques, the global threat is increasing. At a recent IT security conference, I spoke with a customer about an alert (TA18-276A) that the United States National Cybersecurity and Communications Integration Center (NCCIC) released late last year. The alert, titled “Using Rigorous Credential Control to Mitigate Trusted Network Exploitation,” outlines recommendations on how to overcome these challenges. In this blog, I’ll discuss how Conditional Access and detection of malicious use of tools and protocols can address the NCCIC’s recommendations.  

The alert provides information on how Advanced Persistent Threat (APT) actors are using multiple mechanisms to acquire legitimate user credentials. Once acquired, attackers can use the credentials to exploit trusted network relationships, in order to expand unauthorized access, maintain persistence, and exfiltrate data from targeted organizations. Some of the suggested NCCIC best practices for administrators to mitigate these threats include rigorous credential controls and privileged-access management, as well as remote-access control and audits of legitimate remote-access logs.

Read More

Topics: User Behavior, Risk, Multi-factor Authentication, Privileged Accounts, APT, User and Entity Behavior Analytics, Credential Compromise, Compliance

One Organization's Dilemma: Adding Security for Cloud Apps With Less User Disruption

Posted by Phil Meneses on May 31, 2018 1:42:59 PM

Late last year, we began conversations with the Tuck School of Business at Dartmouth College about their current security concerns. Like many organizations, a portion of their workloads are moving from on-premises to the cloud. One of the big concerns about moving to the cloud is how to secure infrastructure as companies currently do from within the defined perimeter of their internal network. They also needed to provide added security without heavily impacting the end user (students, faculty, and staff) experience. Because these are common concerns for many other organizations, I’d like to share how we helped this customer overcome these security concerns.

Read More

Topics: Multi-factor Authentication, Microsoft, Cloud, ADFS

From Public Key to Exploitation: How We Exploited the Authentication in MS-RDP

Posted by Eyal Karni on Mar 13, 2018 10:05:15 AM

 In March Patch Tuesday, Microsoft released a patch for CVE-2018-0886, a critical vulnerability that was discovered by Preempt. This vulnerability can be classified as a logical remote code execution (RCE) vulnerability. It resembles a classic relay attack, but with a nice twist: It is related to RSA cryptography (and prime numbers) which makes it quite unique and interesting.

Read More

Topics: Multi-factor Authentication, kerberos, Hacking, Black Hat, Security Advisory, Microsoft, RDP

How this Retailer Could have Kept my Business with Better IT Security Process

Posted by Heather Howland on Nov 3, 2017 8:24:28 AM

Hmm, I thought I remembered my password. As I tried to log into my account with a large retailer known for their athletic wear, I click the forgot password link. I enter my email address.

Read More

Topics: Security Skills, Multi-factor Authentication, Identity Verification, Credential Compromise

Stopping Breaches Requires Asking the Right Questions

Posted by Wade Williamson on Oct 26, 2017 4:07:21 PM

In a very short period of time, machine learning (ML) has had a major impact on the field of cybersecurity. Machine learning has proven to be adept at finding threats in ways that traditional signatures never could, whether detecting malware, finding vulnerabilities, or recognizing when a trusted employee has been compromised by an attacker.

Read More

Topics: Adaptive Response, Multi-factor Authentication

Remove the Barriers: How to Easily Expand MFA to Enterprise Applications

Posted by Heather Howland on May 23, 2017 6:00:00 AM

Earlier this year, Teen Vogue wrote an article in its magazine about why their readers should adopt Two-factor (2FA) or Multi-factor Authentication (MFA) for any of their applications or accounts that offer it. Why is this relevant? Because according to the Verizon Data Breach Investigations report, 63% of data breaches start with cracked or stolen passwords.  The fact that we are promoting and providing education around cyber-security to our teens today says a lot.

Read More

Topics: Multi-factor Authentication, Application Security