IntSights Active Directory Integration

Are you using Active Directory to authenticate your users? Are you concerned that your staff’s credentials are compromised and being leveraged by cyber-criminals? This is a problem that IntSights can help resolve.

:right
Unless you’ve been hiding under a rock in recent years you can’t help but have noticed the rise in cyber attacks using compromised credentials. Usernames and passwords are being recycled and resold by criminals around the globe and organisations face a growing challenge to spot these exposed credentials before they are exploited. IntSights, one of the fastest growing security companies in the world, has developed Active Directory Integration to help protect organisations against compromised credentials.

Identify

IntSights has developed and maintains a database of leaked credentials, continuously trawling sources like social media, paste sites, black markets, and the dark web. The AD Integration feature in their security platform allows organisations to leverage this collection, check their employees Active Directory accounts, and take action if any have been compromised. On a personal basis, or perhaps in a very small office, you might be using security tools such as haveIBeenPwned.com to see if your credentials have appeared in a publicly disclosed breach, but this doesn’t scale well if you have tens, hundreds, or thousands of accounts. IntSights provides the ability to indentify compromised accounts from across your organisation.

Validate

Picking out live credentials, rather than old ones- perhaps accounts of former staff, is an important step to help separate the wheat from the chaff. Compromised credentials can persist in these breach datasets indefinitely. For example if bob@example.com and Password.1! were made public those credentials would continue to be shared and sold even if “Bob” changed his password or left the organisation. An automated validation step is key to checking that this information needs to be acted on. Bob isn’t going to be happy if his password is being reset by IT every other day because an old password has turned up in the latest dataset, and IT themselves don’t want to be wasting their time chasing down already closed user accounts. IntSights automates your cyber-security teams’ ability to instantly validate compromised credentials against live accounts in your Active Directory and determine if a response is required.

Remediate

Once leaked credentials have been detected it’s important to act quickly and at any time of day or night. To help with this IntSights includes functionality to lock down accounts and trigger credential reset notifications. Once an appropriate policy is configured this too is automated so that no-one needs to be dragged out of bed to change their password. The IntSights platform aims to lock out these credentials as efficiently as possible whilst maintaining employee productivity. As with many cyber-security actions, this can be a careful balancing act.

More details on this Active Directory Integration and other features of the IntSights platform can be found on their website intsights.com.

IntSights was founded in 2015 by former members of an elite intelligence unit in the Israel Defense Forces. Equipped with a deep understanding of how threat actors think, collaborate, and act, they set out to build a solution that enables companies to use external intelligence to change the way they protect themselves.

In addition to my standard Declaration/Disclaimer please note that whilst this content was not provided by IntSights this is a sponsored post.