NEW Stealthbits Module: The Active Directory Permissions Analyzer

Stealthbits has launched a new StealthAUDIT Active Directory Permissions Analyzer Module. It provides advanced analysis and reporting on AD activity.

 

What’s Stealthbits?

Stealthbits not only protects an organisation’s sensitive data, but the credentials used to access that data. It removes inappropriate data access, enforces security policies, and detects advanced threats.

Stealthbits covers three main areas:

  • Data access and governance
  • Active Directory security
  • Privileged access management

 

What’s StealthAUDIT?

StealthAUDIT is a management platform designed by Stealthbits. Simply put, it offers a fresh perspective on your data, allowing you to derive key information about how and where it’s being accessed. The platform automates the collection and analysis of the data you need to answer complex questions regarding the management and security of critical IT assets.

StealthAUDIT contains over 40 built-in data collection modules covering both on-premises and cloud-based platforms.

A brand new module has been added to the platform: the StealthAUDIT Active Directory Permissions Analyzer.

 

Tell me more?

The Active Directory is a directory service developed by Microsoft for Windows domain networks. It stores information about objects on the network and makes this information easy for administrators and users to access.

Convenient? Sure. Active Directory is always authenticating users and granting access to connected resources. But as helpful and efficient this is, sometimes users gain too much access by accident, which can compromise Active Directory security.

The Active Directory Permissions Analyzer module provides you with key information about the permissions available to specific users and what they’re able to do with those capabilities.

 

How can the StealthAUDIT Active Directory Permissions Analyzer protect my organisation?

  • Shadow access rights. Users can proactively identify attack paths that bad actors can take to move laterally, escalate privileges, compromise domains, and gain access to confidential data.
  • User object permissions. Users can pinpoint instances where permissions are applied to Active Directory user objects. This ensures that information isn’t read, written or deleted without authorisation.
  • Group membership change permissions. Users can understand which trustees can change the membership of Active Directory group objects.
  • Group object permissions. Users can identify instances where permissions are applied to Active Directory group objects.
  • OU permissions. Users can quickly analyse and report on where permissions are applied to Active Directory organisational units.
  • Computer permissions. Users can identify instances where permissions are applied to Active Directory computer objects. This helps to pinpoint rogue computer devices on the network.
  • Open access permissions. Users can assess instances of open access on AD objects.
  • Broken inheritance in AD permissions. Users can gain immediate insight into instances of broken inheritance on Active Directory objects.
  • AdminSDHolder permissions. Users can determine what permissions exist on the AdminSDHolder container within AD. If a breach occurs, the AdminSDHolder container can be exploited by an attacker to achieve persistence in an environment.
  • Domain replication permissions. Users can identify and track which accounts can replicate Active Directory information.
  • DCShadow permissions report. Users can identify accounts that have the capability of launching a DCShadow attack. This is when attackers create a fake domain controller in order to get access to AD resources.

 

Do you want to learn more about who can access what in your Active Directory?

Are you an existing StealthAUDIT user and are keen to add this module to your platform?

Let’s talk!

Our expert team is more than happy to discuss the technology in more detail and highlight how it can meet your organisation’s unique needs.

Get in touch with us today to learn more.

Our new website is now live

We’ve had a makeover! New season, new look! Over the years, Core to Cloud has gotten bigger and better. It was high time our website did the same. Built from the ground up, it’s been designed with you in mind, offering a user-friendly experience and a jargon-busting...

The Vectra Vision: AI-driven threat detection and response

Contrary to popular belief, cybersecurity breaches aren’t always caused by sophisticated attacks. In many cases, they happen as a result of entirely avoidable mistakes, such as unauthorized employee use, negligence, and human error, like clicking on links in phishing...

Partners

Share This