Jim Barkdoll becomes CEO of Stealthbits Technologies

Stealthbits Technologies has appointed Jim Barkdoll as CEO. A data security veteran with a long, successful track record, Barkdoll most recently served as CEO of Titus, an industry leader in the data classification and security market.

To further strengthen Stealthbits’ product, marketing and finance organizations, the company has expanded its leadership team with the addition of Mark Cassetta as General Manager, Karyl Parks as CMO and Sarah Foottit as CFO. These additions will bolster the expertise of Stealthbits’ existing team, which has propelled the company’s aggressive growth trajectory and customer success during a challenging year.

“Businesses worldwide continue to struggle while wasting time, money and focus in deploying and maintaining two or more technology stacks to address data privacy and security needs,” said Barkdoll. “Stealthbits fully recognizes that meeting this challenge requires an identity-centric view into subject data contained within virtually any data repository. I’m excited to join the expanded management team to drive rapid adoption of this fresh approach to data security and privacy.”

The efforts of the expanded management team are fortified by other recent leadership additions, including Sebastien Roques as Senior Vice President International, leading efforts in EMEA and Asia Pacific; Gavin Ashton as Security Strategist for Stealthbits’ Active Directory solution portfolio; and Bob Arnold as Vice President, U.S. Federal.

“I am excited to work with Jim as CEO along with the new members of Stealthbits’ global management team to accelerate growth while deepening our customer and strategic partner relationships,” said Steve Cochran, Founder and Chairman of Stealthbits. “The team’s proven expertise in building revenues and market share will prove invaluable as we meet the needs of enterprise and midmarket customers, strengthen channel partnerships and speed the delivery of game-changing security and data privacy solutions.”

Stealthbits’ comprehensive identity-centric approach is essential to customers as they strive to address privacy requirements and security threats at the data, directory and system layers of their hybrid IT infrastructure. In September, Stealthbits announced the latest version of its next-generation Privileged Activity Management (SbPAM) 3.0 solution, which reinforces the company’s continued efforts to simplify and streamline the complexities of securing privileged access management.

New infosec products of the week: October 2, 2020

Cohesity SiteContinuity: Protecting business-critical apps across a single platform

Cohesity SiteContinuity is an automated disaster recovery solution that is integrated with the company’s backup and continuous data protection capabilities — making it the only web-scale, converged solution to protect applications across tiers, service levels, and locations on a single platform.

infosec products October 2020

Stealthbits SbPAM 3.0: A modernized and simplified approach to PAM

SbPAM 3.0 continues Stealthbits’ commitment to renovate and simplify PAM. The company approaches PAM from the perspective of the abundance of privileged activities that need to be performed, not a group of privileged admins needing accounts.

infosec products October 2020

BullGuard 2021 security suite features multi-layered protection

The BullGuard 2021 security suite empowers consumers to confidently perform sensitive online transactions in absolute safety and rest assured knowing cyber threats are stopped dead in their tracks. BullGuard 2021 blocks malicious behavior before it can do damage, even when malware attempts to intentionally take a consumer’s device offline.

infosec products October 2020

Siemens Energy MDR defends energy companies against cyberattacks

MDR’s technology platform, Eos.ii, leverages AI and machine learning methodologies to gather and model real-time energy asset intelligence. This allows Siemens Energy’s cybersecurity experts to monitor, detect and uncover attacks before they execute.

infosec products October 2020

Fleek launches Space, an open source, private file storage and collaboration platform

Space’s mission is to enable a fully private, peer to peer (p2p) file and work collaboration experience for users. Space is built on Space Daemon, the open source framework, and backend of the platform. Space Daemon enables other apps, similar to Space, to build privacy-focused, encrypted p2p apps.

infosec products October 2020

AWS launches Amazon Timestream, a serverless time series database for IoT and operational applications

Amazon Timestream simplifies the complex process of data lifecycle management with automated storage tiering that stores recent data in memory and automatically moves historical data to a cost-optimized storage tier based on predefined user policies.

infosec products October 2020

Healthcare cybersecurity in the time of coronavirus

Brno University Hospital, in Brno, Czech Republic, which is one of the country’s Covid-19 testing centers, has recently been hit by a cyberattack. The nature of the attack has yet to be shared, but looks like it might be ransomware. The result? Some surgeries have been postponed and some patients redirected to nearby hospitals.

healthcare cybersecurity coronavirus

On Sunday, the US Health and Human Services Department was hit by a distributed denial of service (DDoS) attack that, luckily, did not impact the agency’s operation in a meaningful way. Its website, which provides information to the US public about how to cope with the Covid-19 situation, was not affected by the attack.

By now, those hoping that cybercriminals would spare healthcare organizations from cyber attacks while the Covid-19 virus spreads across the world must have realized that there are always people who have no qualms about exploiting a bad situation for their own advantage.

Nothing’s changed, really

“We’d like to think that in a world where everyone is effectively in the same boat, a sense of togetherness, an unwritten code of conduct, or even a sense of morality would prevent bad actors from doing bad things – even if just temporarily. This obviously is not the case and if anything should serve as a reminder to organizations that one threat hasn’t been traded for another,” Adam Laub, CMO, Stealthbits, told Help Net Security.

“To the contrary, individuals and groups that prey on the weak will likely look to take advantage of this dire situation, causing more disruption to organizations already reeling from the financial distress, business disruption, and human resource nightmare the coronavirus pandemic has inflicted in just a short period of time,” he added.

“What’s particularly disturbing about this latest incident at the U.S. Health and Human Services Department is that the intent of the attack appears to be driven entirely by malice, seeking only to prevent the men and women trying desperately to protect millions of American citizens from harm from doing their jobs, as well as spread false information in order to generate more panic and uncertainty.”

Patients might end up bearing the brunt of successful cyber attacks but, Covid-19 or no Covid-19, the danger for healthcare organizations has effectively remained the same – only the stakes got higher.

Healthcare organizations must remain vigilant on all fronts

It is crucial for healthcare organizations and agencies not to ignore cybersecurity and data protection at this moment.

Educating healthcare employees about the increased risk of ransomware attacks, Covid-19-themed phishing attacks and disinformation is more important than ever.

Nurses and other healthcare professionals are, according to Proofpoint, one of phishers’ preferred targets as they have access to all the data.

Generally, healthcare organizations share many weak links and attack surfaces as every other industry – phishing attacks on employees, cloud infrastructure and a remote workforce – but there are some challenges only they face, notes Sam Roguine, a director at Arcserve.

These include the security of medical devices, Wi-Fi access for patients (the patient Wi-Fi network should be fully isolated from the primary one) and, at the moment, shifting priorities driven by the Covid-19 outbreak.

“If the scenarios in Italy or China were to repeat in the United States, many hospitals will be in ‘Code Black,’ which is when the influx of patients is bigger than what hospital can handle. Hospitals will have to prioritize patient care, reducing the focus on everything else, including business continuity and disaster recovery (BCDR) and cybersecurity. This is a gap that hackers are going to leverage,” he noted.

Healthcare organizations must implement best-in-class centralized security with enhanced detection and response, review security practices, and include every aspect of the organization’s operations – not just obvious IT systems like servers, but also medical devices, employees wearables, cloud services, patient systems, and more, he says, and recommends them to follow the NIST Cybersecurity Framework for every aspect of their operations.

“CISOs must remain very vigilant. Cyberattacks can and will affect hospital operations, and the ability of healthcare organizations to cope with Covid-19 patients. When CISOs plan for scenarios like this one, cybersecurity, backup, disaster recovery and continuous availability technologies cannot be underestimated or placed on the backburner,” he concluded.

STEALTHbits’ free program helps orgs mitigate risks associated with Microsoft’s pending AD update

STEALTHbits, a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, announced a free program designed to help organizations mitigate the risks of operational outage associated with Microsoft’s pending update to Active Directory slated for March 2020.

The update, which applies to nine (9) Windows Operating System levels and many more versions, aims to address a vulnerability that exposes Active Directory Domain Controllers to privilege escalation scenarios.

Microsoft is recommending organizations enable the LDAP channel binding and LDAP signing features they will enforce by default in March before the update is provided, as a means by which to identify systems, applications, and other devices that will be incompatible with the more secure configuration.

They are also advising organizations to contact the providers of incompatible technologies to obtain necessary fixes if configuration options aren’t already available to achieve compatibility.

“As a security software provider, we are in full support of Microsoft’s move to improve the security of Active Directory and the vast number of resources connected to it,” said Jeff Warren, GM Products at STEALTHbits Technologies.

“This update underscores the importance of Active Directory not just from a security standpoint, however. Operationally, this security-focused update has the potential of affecting system uptime and business continuity on a broad scale.”

He continued, “In conjunction with Microsoft’s native LDAP authentication-focused auditing or standalone, our StealthINTERCEPT platform and its low-level, surgical LDAP query monitoring capabilities can make the exercise of identifying incompatible technologies simple and safe for any organization.

“Given the tight timelines and the severity of the situation, we’re willing to help anyone who needs it to figure out exactly what they’re dealing with before the update is released.”

StealthINTERCEPT’s LDAP module is capable of capturing the fine-grained details of the queries being executed against Active Directory. These details not only include whether or not the query was executed securely and where it was coming from, but what the query was actually requesting from the directory.

Using StealthINTERCEPT’s LDAP blocking functionality, organizations can also simulate the effect of the update in broad or selective ways, without actually modifying Active Directory configurations.

STEALTHbits StealthRECOVER 1.5: Easier and faster AD rollback and recovery

STEALTHbits Technologies, a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, announced the release of StealthRECOVER 1.5, their fine-grained rollback and recovery solution for Active Directory (AD).

As a component of STEALTHbits’ AD Management and Security solution portfolio, StealthRECOVER enables organizations to quickly and easily rollback and recover unintended and unwanted directory changes. Users are enabled with point in time rollback and recovery of AD objects, attributes, group memberships, DNS, state of accounts, and more, all without any downtime.

Among numerous enhancements included in StealthRECOVER 1.5, STEALTHbits has provided new automation capabilities through the introduction of PowerShell cmdlets designed to automate tasks around recovery, backup, right assignments, and managing domains.

Not only does this allow administrators to execute rollback and recovery functions outside the StealthRECOVER console easily through PowerShell, but provides for enhanced integration between other products in STEALTHbits’ portfolio like StealthINTERCEPT, StealthAUDIT, and StealthDEFEND, or any third-party solution capable of executing PowerShell commands.

In addition, STEALTHbits has included an AD Users and Computers (ADUC) snap-in to initiate rollback and recovery actions in StealthRECOVER, directly form the ADUC console.

As many administrators use the ADUC console on a regular basis to perform their AD administrative tasks, STEALTHbits has worked to streamline this experience by limiting the number of places they need to go, tools they need to use, and clicks they need to perform to get the job done quickly, accurately, and efficiently.

Similar to the PowerShell cmdlets, this enhancement allows administrators to initiate rollback and recovery actions without opening StealthRECOVER to facilitate the process.

“StealthRECOVER is a really important component of our Active Directory solution portfolio,” said Adam Laub, STEALTHbits’ Chief Marketing Officer.

“While AD rollback and recovery is far from a new concept, our solution, the capabilities it provides, and the ease in which it allows administrators to perform highly complex, highly critical, time-sensitive functions hits the nail on the head in terms of what AD administrators and security professionals need right now.”

He continued, “AD is more critical than it has ever been. It’s critical that keeping AD healthy and out of harm’s way is easier than it has ever been too.”

Additional enhancements

StealthRECOVER 1.5 also provides users with multiple performance and functionality improvements, including:

  • Microsoft Windows Server 2019 support
  • LDAP communication security compatibility
  • Browser security enhancements
  • PostgreSQL v11 support
  • Rollback performance improvements
  • New .NET-based StealthRECOVER installer
  • General UI improvements

New infosec products of the week: January 17, 2020

Masergy Shadow IT Discovery: Automatically identify unauthorized SaaS applications

Masergy Shadow IT Discovery immediately scans and identifies all applications, providing clients visibility through the SD-WAN management portal. Until now, IT departments have had to rely on a variety of endpoint security solutions and guesswork to access this information. The time savings and decreased threat exposure will help IT organizations increase their security posture and keep up with the blind spots created by unsanctioned usage.

infosec products January 2020

STEALTHbits StealthINTERCEPT 7.0 strengthens enterprise passwords and AD security

The latest enhancements delivered in StealthINTERCEPT 7.0 aim to provide organizations advanced capabilities to thwart attacks against AD and provide progressive password policy and complexity improvements that boost security without causing poor user and administrator experiences. The solution can now detect successful and failed Kerberos pre-authentication events in order to provide security analysts visibility into nefarious activities.

infosec products January 2020

Micro Focus AD Bridge 2.0: Extending security policies and access controls to cloud-based Linux

Micro Focus AD Bridge 2.0 offers IT administrators the ability to extend Active Directory (AD) controls from on-premises resources, including Windows and Linux devices to the cloud – a solution not previously offered in the marketplace. Organizations can leverage existing infrastructure authentication, security as well as policy, in order to simplify the migration of on-premises Linux Active Directory to the cloud.

infosec products January 2020

DataVisor dEdge: Uncover known and unknown attacks early

DataVisor dEdge is an anti-fraud solution that detects malicious devices in real-time, empowering organizations to uncover known and unknown attacks early, and take action with confidence. dEdge provides complete visibility into digital attacks, generating unique device IDs and accurate fraud scores – no matter how fraudsters manipulate devices.

infosec products January 2020

STEALTHbits StealthINTERCEPT 7.0 strengthens enterprise passwords and AD security

STEALTHbits released StealthINTERCEPT 7.0, their real-time Active Directory (AD) policy enforcement solution that audits and blocks unwanted and unauthorized changes, authentications, and queries within the world’s most complex AD infrastructures.

STEALTHbits StealthINTERCEPT 7.0

With 95 million AD accounts attacked daily and 56% of breaches taking a month or longer to discover, attackers still have the upper the hand on security. While many organizations do some general monitoring, auditing, and threat detection, it’s not enough to slow down the number of cyber-attacks, which increased 54% in the first half of 2019.

The latest enhancements delivered in StealthINTERCEPT 7.0 aim to provide organizations advanced capabilities to thwart attacks against AD and provide progressive password policy and complexity improvements that boost security without causing poor user and administrator experiences.

Among dozens of significant enhancements, StealthINTERCEPT 7.0 can now detect successful and failed Kerberos pre-authentication events in order to provide administrators and security analysts visibility into nefarious activities like password spraying attempts using tools like Kerbrute early in the attack kill chain.

This release also allows users to audit and block AD User Account Control (UAC) and DNS configuration changes, as well as detect and block LDAP queries attempting to identify where sensitive data resides and the best attack path to it (e.g. attackers leveraging tools like Bloodhound).

While passwords can be a significant source of irritation for end-users and administrators alike, they still play a critical role in organizational defenses and workplace experiences.

StealthINTERCEPT 7.0 contains a number of significant enhancements focused on strengthening account passwords, headlined by the ability to compare user passwords against the “Have I Been Pwned” database of 550+ million known breached passwords and prevent them from being used at their time of creation.

This release also allows administrators to more granularly control password requirements to ensure compatibility with all resources and provide users clear definition of password policies and rejected password feedback during the password change process.

To further improve passwords and keep attackers from guessing common substitutions, organizations can now control which character replacements are allowed and which are not (e.g. $=S or @=A). To facilitate smooth operations, customers can now test new password policies prior to rollout and evaluate any potential impacts they would cause if established.

“As is the goal with every release of StealthINTERCEPT, the enhancements in v7.0 are aimed at providing easy to use capabilities to improve organizational defenses without burdening users or administrators,” stated Rod Simmons, Vice President of Product Strategy, STEALTHbits Technologies.

“We’ve all been hearing for years about alert fatigue and a lack of resources in the cybersecurity space. One of the most beautiful things about StealthINTERCEPT is its ability to help security and even operational teams move beyond the never-ending deluge of alerts and actually prevent attackers, malicious insiders, and even well-intentioned administrators from violating security policy and operational policies in the first place.”

STEALTHbits now supports Google Cloud’s Managed Service for Microsoft Active Directory

STEALTHbits, a leading cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, announced support for Google Cloud’s Managed Service for Microsoft Active Directory as it joins Google Cloud’s Partner Advantage program.

Google’s Managed Service for Microsoft Active Directory (AD) is a highly available, hardened Google Cloud service running actual Microsoft AD enabling customers to manage cloud-based AD-dependent workloads, automate AD server maintenance and security configurations, and connect on-premises AD domains to the cloud.

STEALTHbits Technologies saw an opportunity to continue to co-innovate with Google Cloud and offer a consistent security approach across cloud, on-premise, and hybrid environments.

“At STEALTHbits, we work to secure every organization’s most valuable targets – their credentials and data,” said Rod Simmons, VP of Product Strategy for Active Directory.

“Whether operating Active Directory in a purely on-prem, cloud-based, or more commonly, hybrid environment, our customers can achieve the visibility and security they need with our flexible, innovative, responsive Active Directory security solutions,” Simmons continued.

“Customers today are deploying Active Directory on Google Cloud and across hybrid and multi-cloud environments, and they need to ensure the highest levels of security at each point,” said Manvinder Singh, Director, Partnerships at Google Cloud. “We’re excited to partner with STEALTHbits to help them do so.”

Leveraging StealthAUDIT and STEALTHbits Privileged Activity Manager (SbPAM) solutions, customers obtain critical capabilities around auditing, reporting, governance and privileged access management for their Google Managed AD environment.

“Our just-in-time (JIT) privileged access solution, SbPAM, no longer focuses on privileged accounts, but rather the privileged activity, or action, the user wishes to perform,” said Martin Cannard, VP of Product Strategy – Privileged Access Management at STEALTHbits.

“Through the use of our zero standing privileges (ZSP) approach with STEALTHbits Privileged Activity Manager, organizations can finally reduce their threat surface and fix the problem at the source by eliminating the vast majority of privileged accounts, and removing administrative privileges when not in active use,” Cannard continued, “SbPAM provides just enough privilege, just in time, regardless of whether the environment is hosted on-prem, or Google’s Managed Service for Active Directory.”

New infosec products of the week: December 13, 2019

IBM Security adds AI features to its Cloud Identity solution

IBM Cloud Identity now features AI-based adaptive access capabilities that help continually assess employee or consumer user risk levels when accessing applications and services. The solution escalates suspicious user interactions for further authentication, while those identified as lower risk are “fast tracked” so they can access applications and services they need.

infosec products December 2019

STEALTHbits launches Privileged Activity Manager with zero standing privilege architecture

STEALTHbits Privileged Activity Manager is a next generation Privileged Access Management solution that seeks to not just control privileged accounts, but effectively reduce the quantity of them altogether using a variety of modern techniques, such as the use of ephemeral accounts and a just-in-time (JIT), just-enough privilege (JEP) approach to privileged access.

infosec products December 2019

ClearDATA Comply: A SaaS solution for automated healthcare cloud compliance

Comply provides healthcare organizations direct access to the cloud with automated compliance and remediation, as well as a real-time compliance dashboard, facilitating rapid adoption of cloud services with peace of mind. Combined with ClearDATA’s cloud services expertise and deep understanding of complex healthcare compliance frameworks like HIPAA and GDPR, Comply is designed to streamline compliance by automatically enforcing technical controls according to different standards and regulations across multiple cloud services thereby achieving and maintaining a compliant posture.

infosec products December 2019

McAfee MVISION Cloud for Containers: A CASB and CSPM integrated security platform

Leveraging NanoSec’s zero trust application visibility and control capabilities for container-based deployments in cloud environments, McAfee MVISION Cloud for Containers provides customers with the ability to speed up application delivery while enhancing the governance, compliance and security of their container workloads.

infosec products December 2019

Spirent launches C200 appliance, a security and application performance testing solution

Enabling industry-leading 100G and Crypto performance testing, the C200 represents a significant expansion of the Spirent CyberFlood security and application performance testing solution family. An all-in-one solution, the C200 packs the full capabilities of CyberFlood into a quint-speed appliance that uses only 1U of rack space. Available immediately, the C200 provides carrier-class performance for applications, attacks and cryptographic testing.

infosec products December 2019

Kanguru launches a new biometric fingerprint access flash drive

This biometric fingerprint access flash drive supplants the bulky pinpads and fussy combo keypads of leading encrypted devices. With just a tap of the finger, the new Kanguru Defender Bio-Elite30 Fingerprint Hardware Encrypted Flash Drive provides quick access to encrypted files.

infosec products December 2019

Yubico launches latest version of its Authenticator mobile application for iOS

Yubico Authenticator now extends support for near field communication (NFC) on iOS, delivering tap-and-go flexibility in addition to authentication over a Lightning connection. The Yubico Authenticator App series now works seamlessly across all major desktop and mobile platforms, with full support for Windows, Mac, Linux, Android and iOS.

infosec products December 2019

STEALTHbits launches Privileged Activity Manager with zero standing privilege architecture

STEALTHbits, a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, announces its newest product line, STEALTHbits Privileged Activity Manager (SbPAM).

STEALTHbits uniquely fills critical gaps in Identity and Access Management (IAM) programs by extending visibility into data sources these solutions cannot connect to, or at levels they are not designed to provide.

STEALTHbits’ solutions discover these missing data access entitlements and privileged accounts with ease, extending and bolstering IAM’s control over the two things every attacker is after: credentials and data.

SbPAM is a next generation Privileged Access Management solution that seeks to not just control privileged accounts, but effectively reduce the quantity of them altogether using a variety of modern techniques, such as the use of ephemeral accounts and a just-in-time (JIT), just-enough privilege (JEP) approach to privileged access.

Rather than solely checking out credentials from a vault, SbPAM can elevate the access level of a standard account or create the account at the exact time it is needed to allow the completion of an admin task, then removes those privileges once the task is complete.

This zero standing privilege (ZSP) approach means that organizations can reduce risk of account compromise and increase overall security.

“STEALTHbits extends our customers’ IAM platforms into 80 percent of data that they don’t have visibility into today – namely unstructured data – allowing them to provision, deprovision and govern access to all data from a single platform,” explained Adam Laub, CMO at STEALTHbits.

“To facilitate faster and healthier IAM implementations, we clean and secure Active Directory, which is the primary identity store for 90 percent of organizations worldwide,” he continued.

“And this year, I am very excited to introduce the Gartner attendees to our newest product line, STEALTHbits Privileged Activity Manager (SbPAM), which embraces a zero standing privilege (ZSP) architecture for Privileged Access Management.”