STEALTHbits provides AD admins with new insight into “shadow access” and other vulnerabilities
STEALTHbits Technologies, a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, announced the release of StealthAUDIT 9.0, their industry leading governance and reporting platform.
Security, compliance, and operations are often viewed as disparate practices when in fact, they are intimately connected and largely interdependent on each other.
Since inception, STEALTHbits has aimed to address the needs of multiple audiences within any organization, providing comprehensive auditing, reporting, governance, monitoring and management solutions, as a part of a single platform.
This unique vantage point has situated STEALTHbits as the convergence solution for these three critical management concepts, resulting in the industry’s most comprehensive Data Access Governance and Active Directory (AD) security portfolio.
With the launch of StealthAUDIT 9.0, STEALTHbits continues to bolster their multi-functional offering with capabilities that not only increase a customer’s overall security posture, but also help advance their complex cloud migration and AD consolidation projects.
Additionally, enhanced audit and compliance reporting is available to assist in the adherence to various compliance mandates that apply to their business, like GDPR or CCPA.
Cloud migration & AD consolidation
Among the many improvements in this latest release are new capabilities within StealthAUDIT’s Active Directory module. Via integration with StealthINTERCEPT, StealthDEFEND or STEALTHbits Active Directory Activity Monitor, StealthAUDIT for Active Directory has been enhanced to provide advanced historical analysis and reporting on AD activity.
“Active Directory is perpetually in motion. At every second of every day, Active Directory is authenticating users and authorizing their access to the resources it’s been connected to, fielding requests for information, and undergoing changes on the smallest and sometimes largest of scales,” said Rod Simmons, STEALTHbits’ VP of Product Strategy – Active Directory.
“Most organizations rely on this valuable information stream to address a wide variety of real-time requirements aligning to security, compliance, and operational concepts. However, many don’t realize that the answers to some of their most difficult challenges reside in this very same dataset.
“StealthAUDIT is providing industry-first levels of history-driven insight within Active Directory, clearly illuminating operational and security risks that have plagued admins for nearly two decades.
“Hidden risks such as “shadow access” where seemingly benign entitlements or environmental changes result in the ability to perform privileged functions are now clear as day with the analysis we’re able to perform,” Simmons continued.
In StealthAUDIT 9.0, users can now perform bulk, historical, and contextual analysis of Active Directory activity data to answer the most challenging questions AD administrators face, such as:
- Where are groups being used?
- Who and what interfaces with each system?
- Where have applications been hardcoded to specific Domain Controllers?
- What are the costliest queries being run against AD?
- Which changes are affecting sensitive data access or elevating privileged access rights in unapparent ways (aka Shadow Access)?
Expanded platform support and interoperability
As a part of the StealthAUDIT 9.0 launch, STEALTHbits has introduced a new module for Oracle database auditing and compliance reporting, providing the ability to collect and report on permissions, activity events, sensitive data and configuration related information within Oracle database environments.
“Data privacy and security applies to all types of data in all the places it can be stored. Much of the most sensitive data within any organization originates from or resides within database platforms like Oracle – especially for mission-critical applications in the world’s largest enterprises,” said Adam Laub, STEALTHbits’ CMO.
“As part of STEALTHbits’ comprehensive Data Access Governance suite for structured and unstructured data, StealthAUDIT for Oracle automates the process of understanding where Oracle databases exist, who has access to them and how, who or what is leveraging their access privileges, where sensitive information resides, and how each database has been configured.”
In addition to these important new enhancements, StealthAUDIT 9.0 also includes Microsoft Azure Information Protection (AIP) integration, capable of collecting AIP Protection labels and scanning for sensitive data within files protected by AIP.
A new REST API provides yet another way for third party applications to integrate with StealthAUDIT, enabling queries of StealthAUDIT’s backend database.