In the latest releases of StealthDEFEND®, StealthINTERCEPT®, and Stealthbits® Activity Monitor, Stealthbits has added new and enhanced AD attack detections to our comprehensive library of detectable attacks. Additionally, Stealthbits has provided new tools to remove the signal-to-noise ratio within important datasets like Active Directory LDAP activity, allowing you to more easily pinpoint attack behaviors. Auto-response playbooks provide immediate reaction and containment of detected attacks and new follow-up actions can be linked and auto-triggered based on the results of previously executed responses.
To learn more about the many enhancements we’ve made across StealthDEFEND, StealthINTERCEPT, and Stealthbits Activity Monitor, register for the webinar, where we’ll cover:
Pass-the-Ticket (New) - Detect the theft of Kerberos Ticket Granting Tickets (TGT) and their use by a threat actor for lateral movement
Group Managed Service Account (GMSA) Exploitation (New) - Detect unauthorized retrieval of Group Managed Service Account passwords
Golden Ticket & Forged PAC (Enhanced) – leverage new Ticket Granting Tickets (TGT) cache for more accurate detection
User Behavior Analytics (Enhanced) – detection speed and visualization of behavior anomalies over time have been improved
Automatic Threat Response via Playbooks – Playbooks are a series of response actions automatically following the detection of a threat. Now gain the ability to trigger follow-up playbooks based on whether the actions in the first playbook were successful or not
Enhanced LDAP Filtering – Remove LDAP query ‘noise’ and improve threat detection by filtered based on search scope, attributes requested and returned, and number of items returned
Active Directory Read Event Auditing – Gain the ability to enable surgical auditing of attribute read events that could indicate reconnaissance or other nefarious activities
FSMO Role Owner Changes – Detect when FSMO roles are moved or seized by a new system
Azure Active Directory Monitoring – Check for varying changes that could signal a threat (Stealthbits reports on over 800 events across different categories and services)
Led by Rod Simmons, VP, Product Strategy over Stealthbits’ Active Directory Solution Portfolio, you’ll learn about how these new features work and the value they bring.
If you are unable to attend, register to receive a recording after the live session.