NEW Stealthbits Module: The Active Directory Permissions Analyzer

Stealthbits has launched a new StealthAUDIT Active Directory Permissions Analyzer Module. It provides advanced analysis and reporting on AD activity.

 

What’s Stealthbits?

Stealthbits not only protects an organisation’s sensitive data, but the credentials used to access that data. It removes inappropriate data access, enforces security policies, and detects advanced threats.

Stealthbits covers three main areas:

  • Data access and governance
  • Active Directory security
  • Privileged access management

 

What’s StealthAUDIT?

StealthAUDIT is a management platform designed by Stealthbits. Simply put, it offers a fresh perspective on your data, allowing you to derive key information about how and where it’s being accessed. The platform automates the collection and analysis of the data you need to answer complex questions regarding the management and security of critical IT assets.

StealthAUDIT contains over 40 built-in data collection modules covering both on-premises and cloud-based platforms.

A brand new module has been added to the platform: the StealthAUDIT Active Directory Permissions Analyzer.

 

Tell me more?

The Active Directory is a directory service developed by Microsoft for Windows domain networks. It stores information about objects on the network and makes this information easy for administrators and users to access.

Convenient? Sure. Active Directory is always authenticating users and granting access to connected resources. But as helpful and efficient this is, sometimes users gain too much access by accident, which can compromise Active Directory security.

The Active Directory Permissions Analyzer module provides you with key information about the permissions available to specific users and what they’re able to do with those capabilities.

 

How can the StealthAUDIT Active Directory Permissions Analyzer protect my organisation?

  • Shadow access rights. Users can proactively identify attack paths that bad actors can take to move laterally, escalate privileges, compromise domains, and gain access to confidential data.
  • User object permissions. Users can pinpoint instances where permissions are applied to Active Directory user objects. This ensures that information isn’t read, written or deleted without authorisation.
  • Group membership change permissions. Users can understand which trustees can change the membership of Active Directory group objects.
  • Group object permissions. Users can identify instances where permissions are applied to Active Directory group objects.
  • OU permissions. Users can quickly analyse and report on where permissions are applied to Active Directory organisational units.
  • Computer permissions. Users can identify instances where permissions are applied to Active Directory computer objects. This helps to pinpoint rogue computer devices on the network.
  • Open access permissions. Users can assess instances of open access on AD objects.
  • Broken inheritance in AD permissions. Users can gain immediate insight into instances of broken inheritance on Active Directory objects.
  • AdminSDHolder permissions. Users can determine what permissions exist on the AdminSDHolder container within AD. If a breach occurs, the AdminSDHolder container can be exploited by an attacker to achieve persistence in an environment.
  • Domain replication permissions. Users can identify and track which accounts can replicate Active Directory information.
  • DCShadow permissions report. Users can identify accounts that have the capability of launching a DCShadow attack. This is when attackers create a fake domain controller in order to get access to AD resources.

 

Do you want to learn more about who can access what in your Active Directory?

Are you an existing StealthAUDIT user and are keen to add this module to your platform?

Let’s talk!

Our expert team is more than happy to discuss the technology in more detail and highlight how it can meet your organisation’s unique needs.

Get in touch with us today to learn more.

The Core of IT V4
Dec 02 2024

The Rise of Fake Crypto Apps: Malware Masquerading as Money-Making Tools

Cryptocurrency is everywhere these days, and as more people jump into this digital gold rush, cybercriminals are stepping up their game, too. One of their latest...
Nov 18 2024

Meta’s $91 Million Fine: What It Means for Businesses Everywhere

Cryptocurrency is everywhere these days, and as more people jump into this digital gold rush, cybercriminals are stepping up their game, too. One of their latest...
Oct 23 2024

BOG OFF AI, You Will Never Be Able to Replicate My Highly Muddled Mind

By Kelly Allen 10 years ago, when I started my career in cybersecurity, it was Machine learning, and now everyone seems to be talking about AI. But I have to say, I am...
Oct 08 2024

The Rising Tide of Cyber Threats: Recent Cybersecurity Incidents and Their Implications

In the sprawling digital landscape of the 21st century, cybersecurity is like the weather—constantly changing, often unpredictable, and occasionally downright...
An AI generated image of a woman with short hair wearing a suit and pink glasses
Oct 08 2024

Bridging the Divide: Addressing the Gender Gap in Cybersecurity for a More Efficient and Innovative Future

The cybersecurity industry, a digital battleground where hackers, ethical or otherwise, clash with an ever-evolving array of defences, should be a diverse and inclusive...
Sep 24 2024

The Chronicles of Cyberland: A Tale of Cybersecurity Resilience

Welcome to Cyberland, a place where the terrain is shaped not by mountains and rivers but by data streams, firewalls, and encryption algorithms. It's a whimsical world,...
Sep 11 2024

Unmasking the Threat: The Real Story Behind the CrowdStrike Incident

In the fast-paced world of cybersecurity, the devil is truly in the details. This was obvious in the recent CrowdStrike incident that had many business owners and IT...
Jun 27 2024

How Hackers Could Influence the UK Election

Cybersecurity Issues Linked with the Upcoming UK Election As the UK gears up for its upcoming election, the importance of cybersecurity has never been more important....
Jun 25 2024

Byte-Sized Battles

The Less Glamorous, Yet Crucial, World of Cybersecurity While cybersecurity might not be the most glamorous or immediately rewarding aspect of technology management,...
May 30 2024

Shocking Truth Revealed: The Real Cost of Cybersecurity Breaches in Retail Payment Systems

Where’s my McFlurry!?  Imagine this: It’s a hot summer afternoon, and you find yourself craving a cool, creamy McFlurry. You pull into the nearest McDonald's...

Trusted by CISOs and IT teams at over 150 organisations