logo
September 5, 2024 | Jonathan Blackwell

What Is User Management? 

Effective user management allows people to access resources while protecting the security and integrity of data and IT infrastructure. With the rise of remote work and cloud-based applications and infrastructure, user management is a foundational security measure.  User management also...
August 20, 2024 | Martin Cannard

What is Zero Trust?

"Never trust; always verify." That's the philosophy that drives the Zero Trust model, and it represents a major shift from the previous motto: "Trust but verify." As threat actors have become more sophisticated, organizations have shifted their security frameworks away from a network-centric model...
July 24, 2024 | Tyler Reese

Building an Identity and Access Management Framework

While identity and access management (IAM) has always been vital to cybersecurity, its prominence has grown as IT networks have become more complex and businesses have embraced cloud computing. Indeed, a robust IAM strategy is imperative for all organizations today to reduce the risk of costly...
July 18, 2024 | Craig Riddell

10 Security Risks of Poor Access Management and How to Mitigate Them

Secure access management is more than just strong password policies and multi-factor authentication (MFA) – it includes a variety of processes and tools that create an integrated and comprehensive approach to safeguarding digital assets. To manage access effectively, organizations must implement...
July 10, 2024 | Craig Riddell

The Benefits of IAM and RBAC for Securing User Permissions

A vital component of any cybersecurity strategy is robust identity and access management (commonly known by the IAM acronym). This article explains the core elements of an effective IAM implementation and their benefits. Then, it takes a deeper dive into one of those components, role-based access...
May 20, 2023 | Kevin Joyce

RID Hijacking: How Guests Become Admins

RID hijacking is a persistence technique used by adversaries who have compromised a Windows machine. In a nutshell, attackers use the RID (relative identifier) of the local Administrator account to grant admin privileges to the Guest account (or another local account). That way, they can take...
March 3, 2023 | Farrah Gamboa

Securing Your Amazon S3 Buckets

Amazon Web Services (AWS) is the world’s largest cloud provider, with well over a million active users. The popularity of AWS makes it one of the biggest targets for cybercriminals — and one of the leading contributors to breaches is incorrectly configured Amazon S3 buckets. For example, an...
December 1, 2011 | Chris Rich

Why Do You Need Good AD Account Lockout Tools?

Recent download poll results show that administrators need good tools for troubleshooting and resolving account lock-out issues. Strong password policies and account lockout thresholds exist for very good reasons and have been common practice for a number of years now as the first line of defense...
...