If you’ve been paying attention to cyberattack actions, you already know that privileges are the key to an attacker’s success. But it’s not the privileges where your risk truly lies; it’s in the security revolving around identity. If you have admin with a password of ‘password”, it wasn’t the elevated privileges that did your organization in – it was the credential identity that provided the threat actor with said elevated privileges.
And why was it so easy for an elevated identity to be compromised? Weaknesses in your identity configuration, management, and monitoring are likely the cause.
Identity weaknesses are found in much more than just an insecure password – undocumented or forgotten accounts, permissions, and delegations; a lack of additional authentication factors; standing privileges; and more all plague most organizations (because we’re all so focused on dealing with the “next” issue). It’s these weaknesses that cybercriminals look for and take advantage of… all because they know you haven’t addressed them.
In this Real Training for Free webcast, 4-time Microsoft MVP Nick Cavalancia takes my seat as he first discusses why identity is your most important attack surface, using the MITRE ATT&CK Framework to demonstrate how nearly every action taken inevitably traces back to a weak identity attack surface.
Up next, you’ll hear from Yiftach Keshet, VP of Product Marketing at Silverfort as he shares common identity security gaps that exist in most environments that may be missed by most security practitioners. He’ll describe the root cause of each and dive in detail to how they are being exploited. These security gaps include:
- Service account misuse
- Unknown shadow admins
- Insecure configurations such as unconstrained delegation
- Vulnerable protocols such as NTLMv1
Yiftach will also demonstrate how it’s possible to detect and mitigate identity weaknesses through security controls that include multi-factor authentication and identity segmentation.
This Real Training for Free webcast will be full of practical real-world content! Register now!