Pen Testing Active Directory

You may have been following our series of posts on pen testing Active Directory environments and learned about the awesome powers of PowerView. No doubt you were wowed by our cliffhanger ending — spoiler alert — where we applied graph theory to find the derivative admin!

We know from the many emails we received that you demanded a better ‘long-form’ content experience. After all, who’d want to read about finding hackable vulnerabilities using Active Directory while being forced to click six-times to access the entire series?

Thanks to the miracle of PDF technology, we’ve compressed the entire series into an easy-to-ready, comfy ebook format. Best of all, you can scroll through the entire contents without having to touch messy hyperlinks.

Get The Ebook Now
Or check it all out online, here.
Data Security

Practical PowerShell for IT Security, Part IV:  Security Scripting Platfor...

In the previous post in this series, I suggested that it may be possible to unify my separate scripts — one for event handling, the other for classification — into a single system. Dare I say it, a security platform based on pure PowerShell code? After I worked out a few details, mostly having to do with migraine-inducing PowerShell events, I was able to declare victory and register my patent for SSP, the Security Scripting…
Data Security

[Podcast] John P. Carlin: Lessons Learned from the DOJ (Part 1)

Last week, John P. Carlin, former Assistant Attorney General for the U.S. Department of Justice’s (DOJ) National Security Division, spent an afternoon sharing lessons learned from the DOJ. And because the lessons have been so insightful, we’ll be rebroadcast his talk as podcasts. In part one of our series, John weaves in lessons learned from Ardit Ferizi, Hacktivists/Wikileaks, Russia, and the Syrian Electronic Army. He reminds us that the current threat landscape is no doubt…
Data Security

[Podcast] Security Learn-It-Alls

Rather than referring our weekly podcast panelists as security experts, we’re now introducing them as security practitioners. Why? A popular business article on mindset brought to our attention the perils of having self-proclaimed titles, such as experts and gurus. It signals our “thirst for knowledge in a particular subject has been quenched.” That is far from reality! Security is a constantly evolving field, with new threats and vulnerabilities. To have a fighting chance, it would…
Data Security, Varonis News

Introducing the Automation Engine, DatAlert Analytics Rewind, and more

Put Least Privilege on Autopilot Getting to least privilege can be a nightmare. The first steps – tracking down inconsistent ACLs and remediating global access groups can turn even the most basic file share clean-up project into a huge to-do. And so we’re thrilled to announce the upcoming availability of the Automation Engine, which will take the headache out of least privilege by discovering undetected security threats and fixing hidden vulnerabilities without all the manual…
Data Security

Verizon DBIR 2017: “Look Kids, There’s Big Ben!”

The Verizon 2017 Data Breach Investigations Report (DBIR) is out in all its pithy and witty glory, and yet given the actual content, Verizon missed an opportunity to quote Clark Griswold from his European Vacation: “Hey look kids, there’s Big Ben, and there’s Parliament… again.” The biggest takeaway from my review of the DBIR is that organizations are stuck on a great big roundabout passing the same risks and bad guys again and again. Financially- and…
Data Security

Let us Now Praise Varonis DatAnswers

It’s easy to forget a bygone era when digital knights ventured into the dark Internet forests to do battle with search engine dragons. They pulled answers out of the virtual claws and teeth of such search reptiles as Alta Vista, Ask Jeeves, Lycos, and Excite. It was time of gallantry and legendary bravery. I myself remember suiting up in digital armor and wielding a corded mouse as I battled the last of the prehistoric search…
Data Security

[Podcast] Presenting Cybersecurity Ideas to the Board

There’s been a long held stigma amongst our infosec cohort and it’s getting in the way of doing business. What’s the stigma, you ask? “Know-it-all” techies who are unable to communicate. Unfortunately, this shortcoming also puts our jobs at stake. According to a recent cybersecurity survey, the board of directors polled said that IT and security executives will lose their jobs because of their failure to provide the board with useful, actionable information. It gets…
Data Security

ITRC: 2017 Data Breaches on Record Pace

The Identity Theft Resource Center (ITRC) is this blog’s go-to source for current breach statistics. As of April 18, ITRC breach count has reached 456 incidents. That puts us ahead of last year’s sizzling pace of 356 for the same period. If you do the math, then at this rate the number of breaches will reach 1500 by the end of 2017. And that’s way ahead of 2016’s record setting count of 1093 breaches. What’s…
Data Security, Varonis News

Varonis + Splunk: Epic Threat Detection and Investigations

We’re bringing our powerful DatAlert functionality to Splunk® Enterprise to give you comprehensive visibility into data security with our new Varonis App for Splunk – now available for download on splunkbase! DatAlert can now send alerts to the Varonis App for Splunk, providing Splunk additional context into anomalous file system, email, and Active Directory behavior. Users of the App can view Varonis alerts directly from Splunk Enterprise, and drill into DatAlert for additional insight into…
Data Security, Varonis News

2017 Varonis Data Risk Report: 47% Had at Least 1,000 Sensitive Files Expos...

Today we released the 2017 Varonis Data Risk Report, showcasing an alarming level of exposure for corporate and sensitive files across organizations, including an average of 20% of folders per organization open to every employee. Using the Varonis Data Security Platform (DSP), Varonis conducted over a thousand risk assessments for customers and potential customers on a subset of their file systems. The assessment provides insight into the risks associated with corporate data, identifies where sensitive…
Data Security

[Podcast] When Security is a Status Symbol

As sleep and busyness gain prominence as status symbols, I wondered when or if good security would ever achieve the same notoriety. Investing in promising security technology is a good start. We’ve also seen an upsurge in biometrics as a form of authentication. And let’s not forget our high school cybersecurity champs! However, as we celebrate new technologies, sometimes we remain at a loss for vulnerabilities in existing technologies, such as one’s ability to guess…
Compliance & Regulation

Data Security Compliance and DatAdvantage, Part III:  Protect and Monitor

At the end of the previous post, we took up the nuts-and-bolts issues of protecting sensitive data in an organization’s file system. One popular approach, least-privileged access model, is often explicitly mentioned in compliance standards, such as NIST 800-53 or PCI DSS. Varonis DatAdvantage and DataPrivilege provide a convenient way to accomplish this. Ownership Management Let’s start with DatAdvantage. We saw last time that DA provides graphical support for helping to identify data ownership. If…